2-391
Catalyst 6500 Series Switch Command Reference—Release7.6
78-15328-01
Chapter2 Catalyst 6500 Series Switch and ROM Monitor Commands set port dot1x
Command Types Switch command.
Command Modes Privileged.
Usage Guidelines The dot1x port will not be allowed to become a trunk port, MVAP, channel port, dynamic port, or a secure
port.
When setting the port control type, the following applies:
•force-authorized forces the controlled port to transition to the authorized state unconditionally and
is equivalent to disabling 802.1x restriction in the port.
•force-unauthorized forces the controlled port to transit to the unauthorized state unconditionally and
prevents the authorized services of the authenticator to the supplicant.
•auto enables 802.1x control on the port.
If you disable the multiple host feature, once a dot1 x p ort i s a uthor ize d thro ugh a succ es sful
authentication of a supplicant, only that particular host (MAC address) is al lowed on that port. When the
system detects another host (different MAC address) on the authorized port, it shuts down the port and
displays a syslog message. This is the default system behavior.
If you enable the multiple host feature, once a dot1x port is authorized through a successful
authentication of a supplicant, any host (any MAC address) is allowed to send or receive traffic on that
port.
If you enable reauthentication, you can set the reauthentication time period in seconds by entering the
set dot1x re-authperiod seconds command. The default for the reauthentication time period is
3600 seconds.
You can enable either multiple host mode or multiple authentication mode.
Examples This example shows how to set the port control type automatically:
Console> (enable) set port dot1x 4/1 port-control auto
Port 4/1 dot1x port-control is set to auto.
Console> (enable)
This example shows how to initialize dot1x on a port:
Console> (enable) set port dot1x 4/1 initialize
dot1x port 4/1 initializing...
dot1x initialized on port 4/1.
Console> (enable)
This example shows how to manually reauthenticate a port:
Console> (enable) set port dot1x 4/1 re-authenticate
dot1x port 4/1 re-authenticating...
dot1x re-authentication successful...
dot1x port 4/1 authorized.
Console> (enable)
This example shows how to enable multiple-user access on a specific port:
Console> (enable) set port dot1x 4/1 multiple-host enable
Multiple hosts allowed on port 4/1.
Console> (enable)