5.3.5 Dead interval function of RADIUS servers communication
If the switch does not receive a response from a RADIUS server, it will use other RADIUS servers for a period specified by the authentication radius-server dead-interval configuration command. The initial RADIUS server resumes authentication after this interval. If all RADIUS servers are unresponsive, authentication will fail for the duration of the period specified by the authentication radius-server dead-interval configuration command, even if communication is restored within the dead interval. To restore the RADIUS servers to active status, execute the following operation commands:
-
Web authentication: clear web-authentication dead-interval-timer
-
MAC-based authentication: clear mac-authentication dead-interval-timer
The figure below illustrates how the dead interval functionality works with RADIUS servers.
|
The following table describes which Layer 2 authentication types support the use of a dead interval with RADIUS servers.
Functionality |
IEEE802.1X |
Web Authentication |
MAC-based Authentication |
|||
---|---|---|---|---|---|---|
Fixed VLAN mode |
Dynamic VLAN mode |
Fixed VLAN mode |
Dynamic VLAN mode |
Fixed VLAN mode |
Dynamic VLAN mode |
|
Dead-interval functionality of RADIUS server communication |
NG |
NG |
OK |
OK |
OK |
OK |
Legend: OK: Supported, NG: Not supported