Cisco Systems 78-15328-01

2-391

Catalyst 6500 Series Switch Command Reference—Release7.6

78-15328-01

Chapter2 Catalyst 6500 Series Switch and ROM Monitor Commands set port dot1x

Command Types Switch command.

Command Modes Privileged.

Usage Guidelines The dot1x port will not be allowed to become a trunk port, MVAP, channel port, dynamic port, or a secure

port.

When setting the port control type, the following applies:

•force-authorized forces the controlled port to transition to the authorized state unconditionally and

is equivalent to disabling 802.1x restriction in the port.

•force-unauthorized forces the controlled port to transit to the unauthorized state unconditionally and

prevents the authorized services of the authenticator to the supplicant.

•auto enables 802.1x control on the port.

If you disable the multiple host feature, once a dot1 x p ort i s a uthor ize d thro ugh a succ es sful

authentication of a supplicant, only that particular host (MAC address) is al lowed on that port. When the

system detects another host (different MAC address) on the authorized port, it shuts down the port and

displays a syslog message. This is the default system behavior.

If you enable the multiple host feature, once a dot1x port is authorized through a successful

authentication of a supplicant, any host (any MAC address) is allowed to send or receive traffic on that

port.

If you enable reauthentication, you can set the reauthentication time period in seconds by entering the

set dot1x re-authperiod seconds command. The default for the reauthentication time period is

3600 seconds.

You can enable either multiple host mode or multiple authentication mode.

Examples This example shows how to set the port control type automatically:

Console> (enable) set port dot1x 4/1 port-control auto

Port 4/1 dot1x port-control is set to auto.

Console> (enable)

This example shows how to initialize dot1x on a port:

Console> (enable) set port dot1x 4/1 initialize

dot1x port 4/1 initializing...

dot1x initialized on port 4/1.

Console> (enable)

This example shows how to manually reauthenticate a port:

Console> (enable) set port dot1x 4/1 re-authenticate

dot1x port 4/1 re-authenticating...

dot1x re-authentication successful...

dot1x port 4/1 authorized.

Console> (enable)

This example shows how to enable multiple-user access on a specific port:

Console> (enable) set port dot1x 4/1 multiple-host enable

Multiple hosts allowed on port 4/1.

Console> (enable)