Port control for authentication
To activate authentication on an 802.1X-enabled interface, you must specify the kind of port control to be used on the interface.
The port control type can be one of the following:
- force-authorized: The controlled port is placed unconditionally in the authorized state, allowing all traffic. This is the default state for ports on the device.
- force-unauthorized: The controlled port is placed unconditionally in the unauthorized state.
- auto:
The controlled port is unauthorized until authentication takes place between
the client and the authentication server. Once the client passes
authentication, the client is authorized to send traffic through that port.
Auto is the default port control type used when 802.1X authentication is
enabled on the port.
Note
Before activating the authentication on a port, you must remove the
configured static ACL and static VLANs, if any, from the port.
Note
Do not
configure ACLs or VLANs through the CLI manually on the authentication-enabled port.
