Configuring Server Fail Fallback (CLI Procedure)
Server fail fallback allows you to specify how end devices connected to the switch are
supported if the RADIUS authentication server becomes unavailable or sends an Extensible
Authentication Protocol Over LAN (EAPOL) access-reject message.
802.1X and MAC RADIUS authentication work by using an
authenticator port access entity
(the EX Series switch) to block all traffic to and from an end device at the interface until
the end device's credentials are presented and matched on the
authentication server
(a
RADIUS server). When the end device has been authenticated, the switch stops blocking
and opens the interface to the end device.
When you set up 802.1X or MAC RADIUS authentication on the switch, you specify a
primary authentication server and one or more backup authentication servers. If the
primary authentication server cannot be reached by the switch and the secondary
authentication servers are also unreachable, a RADIUS server timeout occurs. Because
the authentication server grants or denies access to the end devices awaiting
authentication, the switch does not receive access instructions for end devices attempting
access to the LAN and normal authentication cannot be completed. Server fail fallback
allows you to configure authentication alternatives that permit the switch to take
appropriate actions toward end devices awaiting authentication or reauthentication.
2615
Copyright © 2010, Juniper Networks, Inc.
Chapter 83: Configuring Access Control
Summary of Contents for JUNOS OS 10.3 - SOFTWARE
Page 325: ...CHAPTER 17 Operational Mode Commands for System Setup 229 Copyright 2010 Juniper Networks Inc ...
Page 1323: ...CHAPTER 56 Operational Mode Commands for Interfaces 1227 Copyright 2010 Juniper Networks Inc ...
Page 2841: ...CHAPTER 86 Operational Commands for 802 1X 2745 Copyright 2010 Juniper Networks Inc ...
Page 3367: ...CHAPTER 113 Operational Mode Commands for CoS 3271 Copyright 2010 Juniper Networks Inc ...
Page 3435: ...CHAPTER 120 Operational Mode Commands for PoE 3339 Copyright 2010 Juniper Networks Inc ...
Page 3529: ...CHAPTER 126 Operational Mode Commands for MPLS 3433 Copyright 2010 Juniper Networks Inc ...