I have dot1x configured on my 3560 switch. At the switch port level, dot1X was enabled however it was globally disabled using no dot1x system-auth-control. Users were able to connect without any problem.
Recently I upgraded the IOS on 3560 edge switches from 12.2(46)SE to 12.2(53)SE and all the users were not able to gain access to the
network. Only after i disabled dot1X on individual ports, users regained network connectivity.
In older IOS's, if I was facing some problem with 802.1x, I used to just disable dot1x globally without touching the port level config and users were able to gain network access without any problems. My understanding is that irrespective of port level configuration, if dot1x is disabled globally, then users should not have any problem in connecting to the network.
Is this a bug or is it the way supposed to operate in new IOS?