Controls port-state authorization and configures the port control type to activate authentication on an 802.1X-enabled interface.
The default port state is auto.
Interface subtype configuration mode
Before activating the authentication using the dot1x port-control auto command on a port, you must remove the configured static ACL and static VLANs, if any, from the port.
802.1x port authentication is not supported by LAG (Link Aggregation Group) or interfaces that participate in a LAG.
The no form of the command resets the port control type to the default state.
The following example configures the interface to place the port unconditionally in the unauthorized state until authentication takes place between the client and authentication server. Once the client passes authentication, the port becomes authorized.
device(config)# interface Ethernet 1/1 device(conf-if-eth-1/1)# dot1x port-control auto
The following example configures the interface to place the controlled port unconditionally in the authorized state.
device(config)# interface Ethernet 1/1 device(conf-if-eth-1/1)# dot1x port-control force-authorized
The following example configures the interface to place the controlled port unconditionally in the unauthorized state.
device(config)# interface Ethernet 1/1 device(conf-if-eth-1/1)# dot1x port-control force-unauthorized