Authentication Port-Control - Cisco catalyst 3750 Command Reference Manual
Hide thumbs
Also See for catalyst 3750:
- Software configuration manual (926 pages) ,
- Command reference manual (854 pages) ,
- Hardware installation manual (231 pages)
Table of Contents
Advertisement
Chapter 2
Catalyst 3750 Switch Cisco IOS Commands
authentication port-control
Use the authentication port-control interface configuration command to enable manual control of the
port authorization state. Use the no form of this command to return to the default setting.
Syntax Description
auto
force-authorized
force-un authorized
Defaults
The default setting is force-authorized.
Command Modes
Interface configuration
Command History
Release
12.2(50)SE
Usage Guidelines
Use the auto keyword only on one of these port types:
•
•
•
•
OL-8552-07
authentication port-control {auto | force-authorized | force-un authorized}
no authentication port-control {auto | force-authorized | force-un authorized}
Enable IEEE 802.1x authentication on the port. The port changes to the
authorized or unauthorized state based, on the IEEE 802.1x authentication
exchange between the switch and the client.
Disable IEEE 802.1x authentication on the port. The port changes to the
authorized state without an authentication exchange. The port sends and
receives normal traffic without IEEE 802.1x-based authentication of the
client.
Deny all access the port. The port changes to the unauthorized state,
ignoring all attempts by the client to authenticate. The switch cannot
provide authentication services to the client through the port.
Modification
This command was introduced.
Trunk port—If you try to enable IEEE 802.1x authentication on a trunk port, an error message
appears, and IEEE 802.1x is not enabled. If you try to change the mode of an IEEE 802.1x-enabled
port to trunk, an error message appears, and the port mode is not changed.
Dynamic ports—A dynamic port can negotiate with its neighbor to become a trunk port. If you try
to enable IEEE 802.1x authentication on a dynamic port, an error message appears, and IEEE 802.1x
authentication is not enabled. If you try to change the mode of an IEEE 802.1x-enabled port to
dynamic, an error message appears, and the port mode does not change.
Dynamic-access ports—If you try to enable IEEE 802.1x authentication on a dynamic-access
(VLAN Query Protocol [VQP]) port, an error message appears, and IEEE 802.1x authentication is
not enabled. If you try to change an IEEE 802.1x-enabled port to dynamic VLAN, an error message
appears, and the VLAN configuration does not change.
EtherChannel port—Do not configure a port that is an active or a not-yet-active member of an
EtherChannel as an IEEE 802.1x port. If you try to enable IEEE 802.1x authentication on an
EtherChannel port, an error message appears, and IEEE 802.1x authentication is not enabled.
authentication port-control
Catalyst 3750 Switch Command Reference
2-37
Advertisement
Chapters
Table of Contents
