dot1x critical recovery-action

Syntax

dot1x critical recovery-action reinitialize

undo dot1x critical recovery-action

View

Layer 2 Ethernet interface view

Default level

2: System level

Parameters

reinitialize: Enables the port to trigger 802.1X re-authentication on detection of a reachable RADIUS authentication server for users in the critical VLAN.

Description

Use dot1x critical recovery-action to configure the action that a port takes when an active (reachable) RADIUS authentication server is detected for users in the critical VLAN.

Use undo dot1x critical recovery-action to restore the default.

By default, when a reachable RADIUS server is detected, the system removes the port or 802.1X users from the critical VLAN without triggering authentication.

The dot1x critical recovery-action command takes effect only for the 802.1X users in the critical VLAN on a port. It enables the port to take one of the following actions to trigger 802.1X authentication after removing 802.1X users from the critical VLAN on detection of a reachable RADIUS authentication server:

For prompt detection of active RADIUS authentication servers, use RADIUS server probing function (see "AAA configuration commands").

Examples

# Configure port Ethernet 1/0/1 to trigger 802.1X re-authentication on detection of an active RADIUS authentication server for users in the critical VLAN.

<Sysname> system-view
[Sysname] interface ethernet 1/0/1
[Sysname-Ethernet1/0/1] dot1x critical recovery-action reinitialize