The authentication event client-no-response action authorize command configures network access rights for users when the 802.1X client does not respond.
The undo authentication event client-no-response action authorize command restores the default setting.
By default, no network access right is configured for users when the 802.1X client does not respond.
authentication event client-no-response action authorize { service-scheme service-scheme-name | ucl-group ucl-group-name | vlan vlan-id }
undo authentication event client-no-response action authorize
Parameter |
Description |
Value |
|---|---|---|
service-scheme service-scheme-name |
Specifies the name of a service scheme based on which network access rights are assigned. |
The value must be an existing service scheme name on the device. |
ucl-group ucl-group-name |
Specifies the name of a UCL group based on which network access rights are assigned. |
The value must be an existing UCL group name on the device. |
vlan vlan-id |
Specifies a VLAN ID. When this parameter is specified, users can access only the resources in the VLAN. |
The value is an integer that ranges from 1 to 4094. |
Usage Scenario
If the 802.1X client does not respond, users cannot pass authentication and thereby have no network access right. Before being successfully authenticated, some users may need certain basic network access rights to download client software and update the antivirus database. The network access rights can be configured for the users when the 802.1X client does not respond, so that the users can access specified network resources.
Precautions
Wireless 802.1X authentication does not support this function.
This function takes effect only for users who go online after this function is successfully configured.
When an 802.1X client does not respond, the redirect ACL function is not supported. For details about the function, see redirect-acl.
# In the 802.1X access profile d1, configure the device to assign the network access rights specified in VLAN 10 for users when the 802.1X client does not respond.
<HUAWEI> system-view [HUAWEI] vlan batch 10 [HUAWEI] dot1x-access-profile name d1 [HUAWEI-dot1x-access-profile-d1] authentication event client-no-response action authorize vlan 10