...
The purpose of a server fail VLAN is to provide limited network connectivity to users in the event of AAA server failure or unreachability. After a RADIUS server is configured, the switch sends the Test Radius Request message to the server to detect the reachability of the RADIUS server. If all the RADIUS servers are unreachable, the port connected to the client will be added to the server fail VLAN, and the packets from the client can be forwarded in server fail VLAN. The switch continues to send the detection packets every 5 seconds second for 3 times (can be set by CLI command) to check whether the server is reachable. If one of the RADIUS servers is reachable, the switch removes this client from the server fail VLAN and adds it back into the block VLAN, and the switch stops sending the detective packets.
...
| Code Block |
|---|
admin@Xorplus# run show dot1x server Server-IP Reachability-IP Status Priority Activity Retry-Interval Retry-Num ---------------- ------------ -------- 10.10.50.65 reachable -------- -------------- --------- 10.10.51.70 reachable 2 * 5 Sec(s) 5 10.10.50.72 reachable 3 - 1 Sec(s) 3 10.10.53.72 reachable ... - 5 Sec(s) 5 admin@Xorplus# run show dot1x all Global-Info: --------------------------------------------------------------------------------- NAS-IP : 10.10.1.1 Block-VLAN : 2 Block-VLAN-IP : 172.16.1.1/24 WEB-AUTH-MODE : Remote Server-Fail-VLAN : 100 -------------------------------------------------------------------------------- |
...