Ethernet Switches & Routers

Reply
New Contributor
Posts: 2
Registered: ‎04-01-2014

Fastiron WS 648G - What to do when Radius goes down

Hi all

 

I have a FastIron WS 648G with mac-vlan enabled and two vlans: vlan 1 for full access on the local network and vlan 2 for restricted access. I have a radius server set up which directs authorized MACs onto vlan 1. And the switch is configured to put any device failing mac authentication onto vlan 2, via the 'auth-fail-vlan-id' and 'auth-fail-action restrict-vlan'.

 

This works fine, but if the radius server is down then I'd like the switch to put all devices onto vlan 1 to give them full access, rather then the restricted vlan 2. So my question is, is there any way of configuring an action on the switch for when it receives no response from radius, rather then an ACCESS-REJECT message. It's more important to me that authorised devices aren't distrupted if radius goes down.

 

-Adam

New Contributor
Posts: 2
Registered: ‎04-01-2014

Re: Fastiron WS 648G - What to do when Radius goes down

I think I've figured out a solution. If I use multi device port authentication I can specify a radius timeout action such as: 'mac-authentication auth-timeout-action success'. Before I was using MAC based vlans which don't appear to have this option.

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.