set protocols dot1x aaa radius authentication server-ip retry-num

The set protocols dot1x aaa radius authentication server-ip retry-num command configures the maximum number of authentication attempts when the AAA server does not respond during NAC authentication.

Command Syntax

set protocols dot1x aaa radius authentication server-ip <ipv4-address> retry-num <retry-num>

Parameter

Parameter

Description

server-ip <ipv4-address>

Specifies IPv4 address of RADIUS authentication server.

retry-num <retry-num>

Specifies the maximum number of authentication attempts. The value is an integer that ranges from 1 to 5.

The default value is 3.

Usage Guidelines

When performing NAC authentication, if the AAA server does not respond to the switch, switch sends authentication message to the AAA server for several times. Use this command to configure the maximum number of authentication attempts, use another command set protocols dot1x aaa radius authentication server-ip <ipv4-address> retry-interval <retry-interval> to configure the interval for re-sending the authentication messages.

If the AAA server still does not respond after trying the times of retry-num, the AAA server is considered inaccessible. If all the AAA servers are inaccessible, the access port of the client will be added to the server fail VLAN, and the packets from the client can only be forwarded in this VLAN.

Example

Configure the maximum number of authentication attempts to 2.

admin@Xorplus# set protocols dot1x aaa radius authentication server-ip 10.10.10.1 retry-num 2
admin@Xorplus# commit

PICOS-4.4.4_Configuration_Guide (Special Release)

set protocols dot1x aaa radius authentication server-ip retry-num

Analytics

Related content