Netgear XCM8806 Chassis Hardware Installation Guide - Page 685
con netlogin authentication service-unavailable vlan, Usage Guidelines, Description
View all Netgear XCM8806 Chassis manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 685 highlights
NETGEAR 8800 Chassis Switch CLI Manual Usage Guidelines Use this command to configure authentication failure VLAN on network login enabled ports. When a supplicant fails authentication, it is moved to the authentication failure VLAN and is given limited access until it passes the authentication either through RADIUS or local. Depending on the authentication database order for that particular network login method (MAC, web or dot1x), the other database is used to authenticate the client. If the final result is an authentication failure and if the authentication failure VLAN is configured and enabled on that port, the client is moved to that location. There four different authentication orders which can be configured per authentication method currently. They are: • RADIUS • local • RADIUS, local • local, RADIUS In each case, you must consider the end result in deciding whether to authenticate the client in authentication failure VLAN or authentication service unavailable VLAN (if configured). For example, when netlogin mac authentication database order is local, radius, if the authentication of a MAC client fails through a local database, RADIUS is used for authentication. If RADIUS also fails authentication, the client is moved to authentication failure VLAN. The same is true for all authentication database orders (radius,local; local,radius; radius; local). If authentication through local fails but passes through RADIUS, the client is moved to the appropriate destination VLAN. If the local authentication fails and the RADIUS server is not available, the client is not moved to authentication failure VLAN. configure netlogin authentication service-unavailable vlan configure netlogin authentication service-unavailable vlan {ports } Description Configures authentication service unavailable VLAN on network login enabled ports. Chapter 16. Network Login Commands | 685