7.2.3 Changing IEEE802.1X Authorization Status

<Structure of this section>

(1) Initializing Authentication Status

To initialize the authentication status of connected devices, use the clear dot1x auth-state command. You can specify a port number, VLAN ID, or terminal MAC address as the object of the command. If you omit this specification, the switch will initialize all authentication information.

After you execute this command, affected terminals must undergo re-authentication before they can access the network again.

Figure 7-5: Example of initializing the status of all IEEE802.1X authentications in a device
> clear dot1x auth-state Initialize all 802.1X Authentication Information. Are you sure? (y/n) :y

(2) Forced re-authentication

To force re-authentication for connected devices, use the reauthenticate dot1x command. You can specify a port number, VLAN ID, or terminal MAC address as the object of the command. If you omit this specification, the switch will force all authenticated terminals to undergo re-authentication.

Executing this command does not affect the network access of supplicants that are able to re-authenticate successfully.

Figure 7-6: Example of re-authenticating with all IEEE802.1X authenticated ports and VLAN on the switch
> reauthenticate dot1x Reauthenticate all 802.1X ports and vlans. Are you sure? (y/n) :y