Configuration guidelines

Follow these guidelines when you configure an 802.1X guest VLAN:

Table 6: Relationships of the 802.1X guest VLAN and other security features

Feature

Relationship description

Reference

Super VLAN

You cannot specify a VLAN as both a super VLAN and an 802.1X guest VLAN.

See Layer 2—LAN Switching Configuration Guide.

MAC authentication guest VLAN on a port that performs MAC-based access control

Only the 802.1X guest VLAN take effect. A user who fails MAC authentication will not be assigned to the MAC authentication guest VLAN.

See "Configuring MAC authentication."

802.1X Auth-Fail VLAN on a port that performs MAC-based access control

The 802.1X Auth-Fail VLAN has a higher priority.

See "Using 802.1X authentication with other features."

Port intrusion protection on a port that performs MAC-based access control

The 802.1X guest VLAN function has higher priority than the block MAC action but lower priority than the shut down port action of the port intrusion protection feature.

See "Configuring port security."