set protocols dot1x aaa radius authentication server-ip retry-num
The set protocols dot1x aaa radius authentication server-ip retry-num command configures the maximum number of authentication attempts when the AAA server does not respond during NAC authentication.
Command Syntax
set protocols dot1x aaa radius authentication server-ip <ipv4-address> retry-num <retry-num>
Parameter
Parameter | Description |
server-ip <ipv4-address> | Specifies IPv4 address of RADIUS authentication server. |
retry-num <retry-num> | Specifies the maximum number of authentication attempts. The value is an integer that ranges from 1 to 5. The default value is 3. |
Usage Guidelines
When performing NAC authentication, if the AAA server does not respond to the switch, switch sends authentication message to the AAA server for several times. Use this command to configure the maximum number of authentication attempts, use another command set protocols dot1x aaa radius authentication server-ip <ipv4-address> retry-interval <retry-interval> to configure the interval for re-sending the authentication messages.
If the AAA server still does not respond after trying the times of retry-num, the AAA server is considered inaccessible. If all the AAA servers are inaccessible, the access port of the client will be added to the server fail VLAN, and the packets from the client can only be forwarded in this VLAN.
Example
- Configure the maximum number of authentication attempts to 2.
admin@Xorplus# set protocols dot1x aaa radius authentication server-ip 10.10.10.1 retry-num 2 admin@Xorplus# commit
Copyright © 2024 Pica8 Inc. All Rights Reserved.