The authentication critical eapol-success command configures the device to send an EAPoL-Success packet to a user after the user is added to the critical VLAN.
The undo authentication critical eapol-success command configures the device to send an EAPoL-Fail packet to a user after the user is added to the critical VLAN.
By default, an EAPoL-Fail packet is sent to a user after the user is added to the critical VLAN.
In the system view:
authentication critical eapol-success interface { interface-type interface-number1 [ to interface-number2 ] } &<1-10>
undo authentication critical eapol-success interface { interface-type interface-number1 [ to interface-number2 ] } &<1-10>
In the interface view:
authentication critical eapol-success
undo authentication critical eapol-success
Parameter |
Description |
Value |
|---|---|---|
interface { interface-type interface-number1 [ to interface-number2 ] } |
Specifies the interface type and number.
|
- |
System view, Ethernet interface view, GE interface view, MultiGE interface view, XGE interface view, 25GE interface view, 40GE interface view, 100GE interface view, Eth-Trunk interface view, Port group view
After a user is added to the critical VLAN because the authentication server does not respond, the device can be configured to send an EAPoL-Success or EAPoL-Fail packet to the user to prevent the user from continuously sending access request packets. After receiving the EAPoL-Success packet or EAPoL-Fail packet, the user stops attempting to go online by sending the access request packet repeatedly, which prevents the device performance from degrading.
The user receiving the EAPoL-Success packet can still obtain the IP address through a DHCP packet, while the user receiving the EAPoL-Fail packet fails to do so. The administrator can configure the device to send an EAPoL-Success or EAPoL-Fail packet as required.