beautypg.com

Brocade FastIron Ethernet Switch Security Configuration Guide User Manual

Page 183

background image

Permit user access to the network after a RADIUS timeout

To set the RADIUS timeout behavior to bypass 802.1X authentication and permit user access to the
network, enter commands such as the following

device(config)#interface ethernet 3/1

device(config-if-e100-3/1)#dot1x auth-timeout-action success

Syntax: [no] dot1x auth-timeout-action success

Once the success timeout action is enabled, use the no form of the command to reset the RADIUS
timeout behavior to retry .

Re-authenticate a user

To configure RADIUS timeout behavior to bypass multi-device port authentication and permit user
access to the network, enter commands similar to the following

device(config)#interface ethernet 3/1

device(config-if-e100-3/1)#dot1x re-auth-timeout-success 60

Syntax: no dot1x re-auth-timeout- success seconds

The seconds parameter specifies the number of seconds the device will wait to re-authenticate a user
after a timeout. The minimum value is 10 seconds. The maximum value is 2 16 -1 (maximum unsigned
16-bit value).

Deny user access to the network after a RADIUS timeout

To set the RADIUS timeout behavior to bypass 802.1X authentication and block user access to the
network, enter commands such as the following

device(config)#interface ethernet 3/1

device(config-if-e100-3/1)#dot1x auth-timeout-action failure

Syntax: [no] dot1x auth-timeout-action failure

Once the failure timeout action is enabled, use the no form of the command to reset the RADIUS
timeout behavior to retry .

NOTE
If restrict-vlan is configured along with auth-timeout-action failure, the user will be placed into a VLAN
with restricted or limited access.Refer to

Allow user access to a restricted VLAN after a RADIUS timeout

on page 183.

Allow user access to a restricted VLAN after a RADIUS timeout

To set the RADIUS timeout behavior to bypass 802.1X authentication and place the user in a VLAN
with restricted or limited access, enter commands such as the following

device(config)#interface ethernet 3/1

device(config-if-e100-3/1)#dot1x auth-timeout-action failure

Syntax: [no] dot1x auth-timeout-action failure

Allow user access to a restricted VLAN after a RADIUS timeout

FastIron Ethernet Switch Security Configuration Guide

183

53-1003088-03

See also other documents in the category Brocade Computer Accessories: