Dot1X Port-Control - Cisco Catalyst 4500 Series Command Reference Manual
Cisco ios command reference release ios xe 3.4.0sg and ios 15.1(2)sg
Hide thumbs
Also See for Catalyst 4500 Series:
- Software configuration manual (2086 pages) ,
- Administration manual (1814 pages) ,
- Configuration manual (1610 pages)
Table of Contents
Advertisement
Chapter 2
Cisco IOS Commands for the Catalyst 4500 Series Switches
dot1x port-control
To enable manual control of the authorization state on a port, use the dot1x port-control command. To
return to the default setting, use the no form of this command.
Syntax Description
auto
force-authorized
force-unauthorized
Defaults
The port 802.1X authorization is disabled.
Command Modes
Interface configuration mode
Command History
Release
12.1(12c)EW
Usage Guidelines
The 802.1X protocol is supported on both the Layer 2 static-access ports and the Layer 3-routed ports.
You can use the auto keyword only if the port is not configured as follows:
•
•
•
OL-27596 -01
dot1x port-control {auto | force-authorized | force-unauthorized}
no dot1x port-control {auto | force-authorized | force-unauthorized}
Enables 802.1X authentication on the interface and causes the port to
transition to the authorized or unauthorized state based on the 802.1X
authentication exchange between the switch and the client.
Disables 802.1X authentication on the interface and causes the port to
transition to the authorized state without any authentication exchange
required. The port transmits and receives normal traffic without
802.1X-based authentication of the client.
Denies all access through the specified interface by forcing the port to
transition to the unauthorized state, ignoring all attempts by the client to
authenticate. The switch cannot provide authentication services to the client
through the interface.
Modification
Support for this command was introduced on the Catalyst 4500 series switch.
Trunk port—If you try to enable 802.1X on a trunk port, an error message appears, and 802.1X is
not enabled. If you try to change the mode of an 802.1X-enabled port to trunk, the port mode is not
changed.
Dynamic ports—A port in dynamic mode can negotiate with its neighbor to become a trunk port. If
you try to enable 802.1X on a dynamic port, an error message appears, and 802.1X is not enabled.
If you try to change the mode of an 802.1X-enabled port to dynamic, the port mode is not changed.
EtherChannel port—Before enabling 802.1X on the port, you must first remove it from the
EtherChannel. If you try to enable 802.1X on an EtherChannel or on an active port in an
EtherChannel, an error message appears, and 802.1X is not enabled. If you enable 802.1X on an
inactive port of an EtherChannel, the port does not join the EtherChannel.
Catalyst 4500 Series Switch Cisco IOS Command Reference—Release IOS XE 3.4.0SG and IOS 15.1(2)SG)
dot1x port-control
2-225
- Quick Links:
- Show Commands
Hide quick links:
Advertisement
Table of Contents
