2-142Cisco Catalyst Blade Switch 3130 and 3032 for Dell Command ReferenceOL-13271-03Chapter 2 Cisco Catalyst Blade Switch 3130 and 3032 for Dell Cisco IOS Commandsdot1x port-controldot1x port-controlUse the dot1x port-control interface configuration command on the switch stack or on a standaloneswitch to enable manual control of the authorization state of the port. Use the no form of this commandto return to the default setting.dot1x port-control {auto | force-authorized | force-unauthorized}no dot1x port-controlSyntax DescriptionDefaults The default is force-authorized.Command Modes Interface configurationCommand HistoryUsage Guidelines You must globally enable IEEE 802.1x authentication on the switch by using the dot1xsystem-auth-control global configuration command before enabling IEEE 802.1x authentication on aspecific port.The IEEE 802.1x standard is supported on Layer 2 static-access ports, voice VLAN ports, and Layer 3routed ports.You can use the auto keyword only if the port is not configured as one of these:• Trunk port—If you try to enable IEEE 802.1x authentication on a trunk port, an error messageappears, and IEEE 802.1x is not enabled. If you try to change the mode of an IEEE 802.1x-enabledport to trunk, an error message appears, and the port mode is not changed.• Dynamic ports—A port in dynamic mode can negotiate with its neighbor to become a trunk port. Ifyou try to enable IEEE 802.1x authentication on a dynamic port, an error message appears, andIEEE 802.1x authentication is not enabled. If you try to change the mode of an IEEE 802.1x-enabledport to dynamic, an error message appears, and the port mode is not changed.auto Enable IEEE 802.1x authentication on the port and cause the port to change tothe authorized or unauthorized state based on the IEEE 802.1x authenticationexchange between the switch and the client.force-authorized Disable IEEE 802.1x authentication on the port and cause the port to transitionto the authorized state without an authentication exchange. The port sends andreceives normal traffic without IEEE 802.1x-based authentication of the client.force-unauthorized Deny all access through this port by forcing the port to change to theunauthorized state, ignoring all attempts by the client to authenticate. Theswitch cannot provide authentication services to the client through the port.Release Modification12.2(40)EX1 This command was introduced.