Dot1X Port-Control - Cisco 4500M Command Reference Manual
Command reference
Hide thumbs
Also See for 4500M:
- Software manual (608 pages) ,
- Hardware installation and maintenance manual (143 pages) ,
- Upgrade manual (24 pages)
Table of Contents
Advertisement
dot1x port-control
dot1x port-control
To enable manual control of the authorization state on a port, use the dot1x port-control command. To
return to the default setting, use the no form of this command.
Syntax Description
auto
force-authorized
force-unauthorized
Defaults
The port 802.1x authorization is disabled.
Command Modes
Interface configuration
Command History
Release
12.1(12c)EW
Usage Guidelines
The 802.1x protocol is supported on both Layer 2 static-access ports and Layer 3-routed ports.
You can use the auto keyword only if the port is not configured as one of these:
•
•
•
Catalyst4500 Series SwitchCiscoIOS Command Reference—Release 12.2(18)EW
2-86
dot1x port-control {auto | force-authorized | force-unauthorized}
no dot1x port-control {auto | force-authorized | force-unauthorized }
Enables 802.1x authentication on the interface and causes the port to
transition to the authorized or unauthorized state based on the 802.1x
authentication exchange between the switch and the client.
Disables 802.1x authentication on the interface and causes the port to
transition to the authorized state without any authentication exchange
required. The port transmits and receives normal traffic without 802.1x-based
authentication of the client.
Denies all access through the specified interface by forcing the port to
transition to the unauthorized state, ignoring all attempts by the client to
authenticate. The switch cannot provide authentication services to the client
through the interface.
Modification
Support for this command was introduced on the Catalyst 4500 series switch.
Trunk port—If you try to enable 802.1x on a trunk port, an error message appears, and 802.1x is not
enabled. If you try to change the mode of an 802.1x-enabled port to trunk, the port mode is not
changed.
Dynamic ports—A port in dynamic mode can negotiate with its neighbor to become a trunk port. If
you try to enable 802.1x on a dynamic port, an error message appears, and 802.1x is not enabled. If
you try to change the mode of an 802.1x-enabled port to dynamic, the port mode is not changed.
EtherChannel port—Before enabling 802.1x on the port, you must first remove it from the
EtherChannel. If you try to enable 802.1x on an EtherChannel or on an active port in an
EtherChannel, an error message appears, and 802.1x is not enabled. If you enable 802.1x on an
inactive port of an EtherChannel, the port does not join the EtherChannel.
Chapter2
Cisco IOS Commands for the Catalyst 4500 Series Switches
78-16201-01
Advertisement
Table of Contents
