802.1x Commands
297
FILE LOCATION: C:\Users\gina\Desktop\Checkout_new\CLI Folders\Dell Contax
CLI\files\802.1X.fm
D E L L CO N F I D E N T I A L – P R E L I MI N A RY 5/ 1 5 /1 2 - F O R PR O O F O N LY
Syntax
dot1x port-control
{auto | force-authorized | force-unauthorized}
no dot1x port-control
Parameters
•
auto
—Enables 802.1x authentication on the interface and causes the port
to transition to the authorized or unauthorized state based on the 802.1x
authentication exchange between the device and the client.
•
force-authorized
—Disables 802.1x authentication on the interface and
causes the port to transition to the authorized state without any
authentication exchange required. The port resends and receives normal
traffic without 802.1x-based client authentication.
•
force-unauthorized
—Denies all access through this interface by forcing
the port to transition to the unauthorized state and ignoring all attempts
by the client to authenticate. The device cannot provide authentication
services to the client through the interface.
Default Configuration
The port is in the force-authorized state.
Command Mode
Interface Configuration (Ethernet) mode
User Guidelines
It is recommended to disable spanning tree or to enable spanning-tree
PortFast mode on 802.1x edge ports (ports in
auto
state that are connected to
end stations), in order to proceed to the forwarding state immediately after
successful authentication.
Example
The following example enables 802.1x authentication on gigabitethernet port
1/0/15.
Console(config)#
interface
gigabitethernet 1/0/15
Console(config-if)#
dot1x port-control auto