Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

"Cisco Feature Navigation" Page inconsistency

Hi: On the Cisco feature Navigator page (, when I select "IEEE 802.1x Guest VLANs on a Per-Port Basis" or "IEEE 802.1x Guest VLANs" it brings up a page showing this feature is available in CatOS.

But according to this document (, it says Guest VLAN is available in a 3560 switch with 12.1(19) EA1.

Why am I seeing this inconsistency?




Re: "Cisco Feature Navigation" Page inconsistency

You can configure a guest VLAN for each 802.1X port on the switch to provide limited services to clients (for example, how to download the 802.1X client). These clients might be upgrading their system for 802.1X authentication, and some hosts, such as Windows 98 systems, might not be 802.1X-capable.

When the authentication server does not receive a response to its EAPOL request/identity frame, clients that are not 802.1X-capable are put into the guest VLAN for the port, if one is configured. However, the server does not grant 802.1X-capable clients that fail authentication access to the network. Any number of hosts are allowed access when the switch port is moved to the guest VLAN. If an 802.1X-capable host joins the same port on which the guest VLAN is configured, the port is put into the unauthorized state in the user-configured access VLAN, and authentication is restarted.

Guest VLANs are supported on 802.1X ports in single-host or multiple-hosts mode.

You can configure any active VLAN except an RSPAN VLAN or a voice VLAN as an 802.1X guest VLAN. The guest VLAN feature is not supported on trunk ports; it is supported only on access ports.

For more information, see the "Configuring a Guest VLAN" section of