Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

802.1x inaccessible authentication bypass

I am having 2960 switch on which dot1x is configured. It is also configured for AAA authentication. when user tries to connect to a local network, it gets authencated from a radius server and a user is allowed in a network.

Now I want all critical users to get connected in the network evenif the radius server is not reachable.

Hence for the same I have configured the 802.1x "inaccessible authentication bypass" feature as per cisco configuration guide.

But still, whenever I unpluge the radius server and try to connect the user in network, Dot1x asks for the username and password and do not allow network connection.

I have even tried using the radius as a first auth. and local database as a second auth. method. But still no success.

Does anybody has experianced this problem???


Re: 802.1x inaccessible authentication bypass

Hello Prashant

Can you post the port configurations here ? have you configured the critical port, radius parameters etc, and does the switch recognize that the radius server is down ?

I think this is more to do with the design of the entire dot1x authentication.. I have tried this in labs and have had tough times, generating these scenarios.. we would hardly able to justify this feature on the network. I think it is highly advisible to have dual radius servers (or even more than 2), and configure the switches with standby radius servers.. I really wouldnt want my network enabled with 802.1x and having issues contacting the radius server.. even though we have options and solutions to overcome it, i wouldnt want too many complications on the 802.1x front..

Hope this helps.. all the best.. rate replies if found useful..


New Member

Did you resolve this issue?

Did you resolve this issue?

CreatePlease to create content