Name: Cisco Catalyst 3750-X
Brand: Cisco
Rating: 5 (1 reviews)

To Next Page

To Previous Page

2-197

Catalyst 3750-X and 3560-X Switch Command Reference

OL-29704-01

Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands

dot1x port-control

Use the dot1x port-control interface configuration command on the switch stack or on a standalone

switch to enable manual control of the authorization state of the port. Use the no form of this command

to return to the default setting.

dot1x port-control {auto | force-authorized | force-unauthorized}

no dot1x port-control

Syntax Description

Defaults The default is force-authorized.

Command Modes Interface configuration

Command History

Usage Guidelines You must globally enable IEEE 802.1x authentication on the switch by using the dot1x

system-auth-control global configuration command before enabling IEEE 802.1x authentication on a

specific port.

The IEEE 802.1x standard is supported on Layer 2 static-access ports, voice VLAN ports, and Layer 3

routed ports.

You can use the auto keyword only if the port is not configured as one of these:

• Trunk port—If you try to enable IEEE 802.1x authentication on a trunk port, an error message

appears, and IEEE 802.1x is not enabled. If you try to change the mode of an IEEE 802.1x-enabled

port to trunk, an error message appears, and the port mode is not changed.

• Dynamic ports—A port in dynamic mode can negotiate with its neighbor to become a trunk port. If

you try to enable IEEE 802.1x authentication on a dynamic port, an error message appears, and

IEEE 802.1x authentication is not enabled. If you try to change the mode of an IEEE 802.1x-enabled

port to dynamic, an error message appears, and the port mode is not changed.

auto Enable authentication on the port and cause the port to change to the authorized

or unauthorized state based on the IEEE 802.1x authentication exchange

between the switch and the client.

force-authorized Disable authentication on the port and cause the port to transition to the

authorized state without an authentication exchange. The port sends and

receives normal traffic without authentication of the client.

force-unauthorized Deny all access through this port by forcing the port to change to the

unauthorized state, ignoring all attempts by the client to authenticate. The

switch cannot provide authentication services to the client through the port.

Release Modification

12.2(53)SE2 This command was introduced.

Cisco Catalyst 3750-X Command Reference

Other manuals for Cisco Catalyst 3750-X