Enabling the authorization-fail-offline feature
The authorization-fail-offline feature logs off port security users who fail ACL or user profile authorization.
A user fails ACL or user profile authorization in the following situations:
The device fails to authorize the specified ACL or user profile to the user.
The server assigns a nonexistent ACL or user profile to the user.
This feature does not apply to VLAN authorization failure. The device logs off these users directly.
To enable the authorization-fail-offline feature:
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable the authorization-fail-offline feature. | port-security authorization-fail offline | By default, this feature is disabled, and the device does not log off users who fail ACL or user profile authorization. |