set protocols dot1x server-fail recovery-method

The set protocols dot1x server-fail recovery-method command configures the way to get the client port out the server fail VLAN when the server is reachable.

Command Syntax

set protocols dot1x server-fail recovery-method <auto | manual | timer >

Parameter

Parameter

Description

recovery-method <auto | manual | timer >

Specifies the way to get the client port out the server fail VLAN when the server is reachable, the value could be auto, manual or timer.

auto: The system automatically removes the client port from the server fail VLAN when the server is reachable, and take authentication again.
manual: Manually remove the client port from the server fail VLAN when the server is reachable. Users need to clear MAC or bounce port to trigger client to take authentication again, otherwise the client port will not be removed from the server fail VLAN when the server is reachable.
timer: Remove the client port from the server fail VLAN after a certain amount of time when the server is reachable. The timer can be set by command set protocols dot1x interface recovery-timeout.

The default value is manual.

Usage Guidelines

If all the RADIUS servers are unreachable, the port connected to the client will be added to the server fail VLAN, and the packets from the client can be forwarded in server fail VLAN. The switch continues to send the detection packets continuously until the server is reachable. If one of the RADIUS servers is reachable, the switch removes this client from the server fail VLAN and adds it back into the block VLAN. This command configures the way to get the client port out the server fail VLAN when the server is reachable.

Example

Configure the way to get the client port out the server fail VLAN when the server is reachable.

admin@Xorplus# set protocols dot1x server-fail recovery-method auto
admin@Xorplus# commit