Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

IEEE 802.1x inaccessible authentication bypass

Hi,

When this feature is enabled, the switch checks the status of the configured RADIUS servers whenever the switch tries to authenticate a host connected to a critical port. If a server is available, the switch can authenticate the host. However, if all the RADIUS servers are unavailable, the switch grants network access to the host and puts the port in the critical-authentication state, which is a special case of the authentication state.

Step 1

configure terminal

Step 2

interface interface-id

Specify the port to be configured, and enter interface configuration mode.

Step 3

dot1x critical

Enable the inaccessible authentication bypass feature.

My query is where we are saying that if ACS is not reachable put the port in a vlan. Since ACs is not reachable the port will not get vlan assignment. By using this feature how we can make a port belong to a vlan in loss of connectivity to ACS?

1 REPLY
Silver

Re: IEEE 802.1x inaccessible authentication bypass

What image are you running now ? I am facing the same problem in 8.4(1) workround : upgrade to 8.4(2)GLX.

508
Views
0
Helpful
1
Replies
CreatePlease to create content