set protocols dot1x aaa radius authentication server-ip retry-interval
- Tracy Yang
The set protocols dot1x aaa radius authentication server-ip retry-interval command configures the interval for re-sending the authentication messages to the AAA server when the AAA server does not respond during NAC authentication.
Command Syntax
set protocols dot1x aaa radius authentication server-ip <ipv4-address> retry-interval <retry-interval>
Parameter
Parameter | Description |
server-ip <ipv4-address> | Specifies IPv4 address of RADIUS authentication server. |
retry-interval <retry-interval> | Specifies the interval for re-sending the authentication messages. The value is an integer that ranges from 1 to 5, in seconds. The default value is 1s. |
Usage Guidelines
When performing NAC authentication, if the AAA server does not respond to the switch, switch re-sends authentication message to the AAA server for several times. Use command set protocols dot1x aaa radius authentication server-ip <ipv4-address> retry-num <retry-num> to configure the maximum number of authentication attempts, use command set protocols dot1x aaa radius authentication server-ip <ipv4-address> retry-interval <retry-interval> to configure the interval for re-sending the authentication messages.
If the AAA server still does not respond after trying the times of retry-num, it is considered inaccessible. If all the AAA servers are inaccessible, the access port of the client will be added to the server fail VLAN, and the packets from the client can only be forwarded in this VLAN.
Example
- Configure the interval for re-sending the authentication messages.
admin@Xorplus# set protocols dot1x aaa radius authentication server-ip 10.10.10.1 retry-interval 3 admin@Xorplus# commit
Copyright © 2024 Pica8 Inc. All Rights Reserved.