• Download PDFs
• server-reject-vlan  

• Related Topics
• show dot1x
• Example: Connecting a RADIUS Server for 802.1X to an EX-series Switch
• Configuring Server Fail Fallback (CLI Procedure)
• Understanding Server Fail Fallback and 802.1X Authentication on EX-series Switches

server-reject-vlan

Syntax

Hierarchy Level

Release Information

Statement introduced in JUNOS Release 9.3 for EX-series switches.

Description

For EX-series switches configured for 802.1X authentication, specify that when the switch receives an Extensible Authentication Protocol Over LAN (EAPOL) Access-Reject message during the authentication process between the switch and the RADIUS authentication server, supplicants attempting access to the LAN are granted access and moved to a specific VLAN. Any VLAN name or VLAN ID sent by a RADIUS server as part of the EAPOL Access-Reject message is ignored.

When you specify the VLAN ID or VLAN name, the VLAN must already be configured on the switch.

Default

None

Options

vlan-id —Numeric identifier of the VLAN to which the supplicant is moved.

vlan-name—Name of the VLAN to which the supplicant is moved.

Required Privilege Level

routing—To view this statement in the configuration.
routing-control—To add this statement to the configuration.