aaa authentication port-access allow-cdp-bpdu
Syntax
aaa authentication port-access allow-cdp-bpdu
no aaa authentication port-access allow-cdp-bpdu
Description
Allows all packets related to the CDP (Cisco Discovery Protocol) BPDU (Bridge Protocol Data Unit) on a secure port.
The
no
form of this command blocks the CDP BPDU on a secure port. On a nonsecure port, the command has no effect.
Command context
config-if
Authority
Administrators or local user group members with execution rights for this command.
Examples
On the 6400 Switch Series, interface identification differs.
Allowing a CDP BPDU on secure port 1/1/1:
switch(config)# interface 1/1/1 switch(config-if)# aaa authentication port-access allow-cdp-bpdu switch(config-if)# do show running-config Current configuration: ! !Version ArubaOS-CX 10.0X.0000 led locator on ! ! vlan 1 aaa authentication port-access mac-auth enable aaa authentication port-access dot1x authenticator enable interface 1/1/1 no shutdown vlan access 1 aaa authentication port-access allow-cdp-bpdu aaa authentication port-access mac-auth enable aaa authentication port-access dot1x authenticator enable switch(config-if)# do show port-access device-profile interface all Port 1/1/1, Neighbor-Mac 00:0c:29:9e:d1:20 Profile Name : access_switches LLDP Group : CDP Group : aruba-ap_cdp Role : test_ap_role Status : In Progress Failure Reason :
Blocking LLDP packet on secure port 1/1/1:
switch(config)# interface 1/1/1 switch(config-if)# no aaa authentication port-access allow-cdp-bpdu switch(config-if)# do show running-config Current configuration: ! !Version ArubaOS-CX 10.0X.0000 led locator on ! ! vlan 1 aaa authentication port-access mac-auth enable interface 1/1/1 no shutdown vlan access 1 aaa authentication port-access mac-auth enable