Cisco 3560x-24p 参考指南
2-44
Catalyst 3750-X and 3560-X Switch Command Reference
OL-21522-02
Chapter 2 Catalyst 3750-X and 3560-X Switch Cisco IOS Commands
authentication port-control
authentication port-control
Use the authentication port-control interface configuration command to enable manual control of the
port authorization state. Use the no form of this command to return to the default setting.
port authorization state. Use the no form of this command to return to the default setting.
authentication port-control {auto | force-authorized | force-un authorized}
no authentication port-control {auto | force-authorized | force-un authorized}
Syntax Description
Defaults
The default setting is force-authorized.
Command Modes
Interface configuration
Command History
Usage Guidelines
Use the auto keyword only on one of these port types:
•
Trunk port—If you try to enable authentication on a trunk port, an error message appears, and is not
enabled. If you try to change the mode of an port to trunk, an error message appears, and the port
mode is not changed.
enabled. If you try to change the mode of an port to trunk, an error message appears, and the port
mode is not changed.
•
Dynamic ports—A dynamic port can negotiate with its neighbor to become a trunk port. If you try
to enable authentication on a dynamic port, an error message appears, and authentication is not
enabled. If you try to change the mode of an port to dynamic, an error message appears, and the port
mode does not change.
to enable authentication on a dynamic port, an error message appears, and authentication is not
enabled. If you try to change the mode of an port to dynamic, an error message appears, and the port
mode does not change.
•
Dynamic-access ports—If you try to enable authentication on a dynamic-access (VLAN Query
Protocol [VQP]) port, an error message appears, and authentication is not enabled. If you try to
change an port to dynamic VLAN, an error message appears, and the VLAN configuration does not
change.
Protocol [VQP]) port, an error message appears, and authentication is not enabled. If you try to
change an port to dynamic VLAN, an error message appears, and the VLAN configuration does not
change.
auto
Enable authentication on the port. The port changes to the authorized or
unauthorized state based, on the authentication exchange between the
switch and the client.
unauthorized state based, on the authentication exchange between the
switch and the client.
force-authorized
Disable authentication on the port. The port changes to the authorized state
without an authentication exchange. The port sends and receives normal
traffic without authentication of the client.
without an authentication exchange. The port sends and receives normal
traffic without authentication of the client.
force-un authorized
Deny all access the port. The port changes to the unauthorized state,
ignoring all attempts by the client to authenticate. The switch cannot
provide authentication services to the client through the port.
ignoring all attempts by the client to authenticate. The switch cannot
provide authentication services to the client through the port.
Release
Modification
12.2(53)SE2
This command was introduced.