To configure basic server fail fallback options using the CLI:
•
Configure an interface to allow traffic to flow from a supplicant to the LAN if a RADIUS
server timeout occurs (as if the end device had been successfully authenticated by a
RADIUS server):
[edit protocols dot1x authenticator]
user@switch#
set interface ge-0/0/1
server-fail
permit
•
Configure an interface to prevent traffic flow from an end device to the LAN (as if the
end device had failed authentication and had been rejected by the RADIUS server):
[edit protocols dot1x authenticator]
user@switch#
set interface ge-0/0/1 server-fail deny
•
Configure an interface to move an end device to a specified VLAN if a RADIUS server
timeout occurs (in this case, the VLAN name is
vlan1
):
[edit protocols dot1x authenticator]
user@switch#
set interface ge-0/0/1 server-fail vlan-name vlan1
•
Configure an interface to recognize already connected end devices as reauthenticated
if there is a RADIUS timeout during reauthentication (new users will be denied access):
[edit protocols dot1x authenticator]
user@switch#
set interface ge-0/0/1 server-fail use-cache
•
Configure an interface that receives an EAPOL access-reject message from the
authentication server to move end devices attempting LAN access on the interface to
a specified VLAN already configured on the switch (in this case, the VLAN name is
vlan-sf
):
[edit protocols dot1x authenticator]
user@switch#
set interface ge-0/0/1
server-reject-vlan
vlan-sf
Related
Documentation
Example: Configuring 802.1X Authentication Options When the RADIUS Server is
Unavailable to an EX Series Switch on page 2550
•
•
Configuring 802.1X Authentication (J-Web Procedure) on page 2610
•
Configuring 802.1X Interface Settings (CLI Procedure) on page 2609
•
Monitoring 802.1X Authentication on page 2633
•
Understanding Server Fail Fallback and 802.1X Authentication on EX Series Switches
on page 2536
Copyright © 2010, Juniper Networks, Inc.
2616
Complete Software Guide for Junos
®
OS for EX Series Ethernet Switches, Release 10.3
Summary of Contents for JUNOS OS 10.3 - SOFTWARE
Page 325: ...CHAPTER 17 Operational Mode Commands for System Setup 229 Copyright 2010 Juniper Networks Inc ...
Page 1323: ...CHAPTER 56 Operational Mode Commands for Interfaces 1227 Copyright 2010 Juniper Networks Inc ...
Page 2841: ...CHAPTER 86 Operational Commands for 802 1X 2745 Copyright 2010 Juniper Networks Inc ...
Page 3367: ...CHAPTER 113 Operational Mode Commands for CoS 3271 Copyright 2010 Juniper Networks Inc ...
Page 3435: ...CHAPTER 120 Operational Mode Commands for PoE 3339 Copyright 2010 Juniper Networks Inc ...
Page 3529: ...CHAPTER 126 Operational Mode Commands for MPLS 3433 Copyright 2010 Juniper Networks Inc ...