Manualshelf

Specifications

ManualsBrandsCisco ManualsComputer equipment2950G 24 - Catalyst Switch
71727374757677787980
2-56
Catalyst 2950 and Catalyst 2955 Switch Command Reference
78-15304-01
Chapter 2 Cisco IOS Commands
dot1x port-control
dot1x port-control
Use the dot1x port-control interface configuration command to enable manual control of the
authorization state of the port. Use the no form of this command to return to the default setting.
dot1x port-control {auto | force-authorized | force-unauthorized}
no dot1x port-control
Syntax Description
Defaults The authorization state is force-authorized.
Command Modes Interface configuration
Command History
Usage Guidelines The 802.1X protocol is supported on Layer 2 static-access ports.
You can use the auto keyword only if the port is not configured as one of these:
Trunk portIf you try to enable 802.1X on a trunk port, an error message appears, and 802.1X is
not enabled. If you try to change the mode of an 802.1X-enabled port to trunk, the port mode is not
changed.
Dynamic portA port in dynamic mode can negotiate with its neighbor to become a trunk port. If
you try to enable 802.1X on a dynamic port, an error appears, and 802.1X is not enabled. If you try
to change the mode of an 802.1X-enabled port to dynamic, the port mode is not changed.
Dynamic-access portIf you try to enable 802.1X on a dynamic-access (VLAN Query Protocol
[VQP]) port, an error appears, and 802.1X is not enabled. If you try to change an 802.1X-enabled
port to dynamic VLAN assignment, an error appears, and the VLAN configuration is not changed.
EtherChannel portBefore enabling 802.1X on the port, you must first remove it from the
EtherChannel. If you try to enable 802.1X on an EtherChannel or on an active port in an
EtherChannel, an error appears, and 802.1X is not enabled. If you enable 802.1X on a not-yet active
port of an EtherChannel, the port does not join the EtherChannel.
auto Enable 802.1X authentication on the interface and cause the port to transition
to the authorized or unauthorized state based on the 802.1X authentication
exchange between the switch and the client.
force-authorized Disable 802.1X authentication on the interface and cause the port to transition
to the authorized state without any authentication exchange required. The port
transmits and receives normal traffic without 802.1X-based authentication of
the client.
force-unauthorized Deny all access through this interface by forcing the port to transition to the
unauthorized state, ignoring all attempts by the client to authenticate. The
switch cannot provide authentication services to the client through the interface.
Release Modification
12.1(6)EA2 This command was first introduced.