When first configuring authentication on a switch (in this case a 2960X running 15.2(2)E10), how can you authenticate a port for the first time without bouncing it? I've got a port that is already up, with a device connected, and no authentication configured. When I then configure dot1x/mab on the port, it stays up and running without attempting to authenticate. In order for the initial authentication to happen, I have to bounce the port. I'm trying to find a way to just have a newly configured port authenticate without having to bounce it first. I've tried clearing authentication on the port, clearing mac addresses, setting it to force-authorized, nothing seems to work.

The issue is, if I have to bounce the port, it cuts PoE to any phone attached and causes a multi-minute outage. Since our initial rollout is low-impact mode with authentication open, if I can force a newly configured port to authenticate without a bounce, I can do it non-disruptively and outside of a maintenance window. Any suggestions?