10-54
Catalyst 3750-E and 3560-E Switch Software Configuration Guide
OL-9775-08
Chapter 10 Configuring IEEE 802.1x Port-Based Authentication
Configuring 802.1x Authentication
To return to the default value, use the no dot1x auth-fail max-attempts interface configuration
command.
This example shows how to set 2 as th
e number of authentication attempts allowed before the port moves
to the restricted VLAN:
Switch(config-if)# dot1x auth-fail max-attempts 2
Configuring the Inaccessible Authentication Bypass Feature
You can configure the inaccessible bypass feature, also referred to as critical authentication or the AAA
fail policy.
Beginning in privileged EXEC mode, follow these steps to configure the port as a critical port and enable
th
e inaccessible authentication bypass feature. This procedure is optional.
Command Purpose
Step 1
configure terminal Enter global configuration mode.
Step 2
radius-server dead-criteria
time time tries tries
(Optional) Set the conditions that are used to decide when a RADIUS server is
considered unavailable or dead.
The range for time i
s from 1 to 120 seconds. The switch dynamically determines
the default seconds value that is 10 to 60 seconds.
The range for tries
is from 1 to 100. The switch dynamically determines the
default tries parameter that is 10 to 100.
Step 3
radius-server deadtime
minutes
(Optional) Set the number of minutes that a RADIUS server is not sent requests.
The range is from 0 to 1440 minutes (24 hours). The default is 0 minutes.
To Next Page
Loading...
