Skip to main content
Cisco SD-WAN
Support
Product Documentation
Viptela Documentation

host-mode

vpn interface dot1x host-mode—Set whether an 802.1X interface grants access to a single client or to multiple clients (on vEdge routers only).

By default, only one authenticated client is allowed on an 802.1X port.

vManage Feature Template

For vEdge routers only:

Configuration ► Templates ► VPN Interface Ethernet

Command Hierarchy

vpn vpn-id
  interface interface-name
    dot1x
      host-mode (multi-auth | multi-host | single-host)

Options

Multiple Authenticated Clients
multi-auth
A single 802.1X interface grants access to multiple authenticated clients on data VLANs.
Multiple Clients
multi-host
A single 802.1X interface grants access to multiple clients. Only one of the attached clients must be authorized for the interface to grant access to all clients. If the interface becomes unauthorized, the vEdge router denies network access to all attached clients.
Single Client
single-host
The 802.1X interface grants access only to the first authenticated client. All other clients attempting access are denied and dropped.

Example

Configure the 802.1X interface to grant access to multiple clients:

vpn 0
  interface ge0/0
    dot1x
      multi-host

Release Information

Command introduced in Viptela Software Release 16.3.​

Additional Information

radius

  • Was this article helpful?