< Home

authentication event response-fail

Function

The authentication event response-fail command configures the device to return an authentication failure packet when a user fails in authentication or the authentication server does not respond.

The undo authentication event response-fail command restores the default configuration.

By default, the device returns an authentication success packet when a user fails in authentication or the authentication server does not respond.

Format

authentication event { authen-fail | authen-server-down } response-fail

undo authentication event { authen-fail | authen-server-down } response-fail

Parameters

Parameter Description Value

authen-fail

Specifies that the device returns an authentication failure packet to the 802.1X client or Portal server when a user fails in authentication.

-

authen-server-down

Specifies that the device returns an authentication failure packet to the 802.1X client or Portal server when the authentication server does not respond.

-

Views

System view, VLANIF interface view, Ethernet interface view, GE interface view, MultiGE interface view, XGE interface view, 25GE interface view, 40GE interface view, 100GE interface view, Eth-Trunk interface view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the authentication event command is executed to configure the network access right used when a user fails in authentication or the authentication server does not respond, the device returns an authentication success packet to the 802.1X client or Portal server by default. Therefore, the user does not know the authentication failure and only limited network resources can be accessed. The user cannot use the expected service.

You can use this command to configure the device to return an authentication failure packet to the 802.1X client or Portal server. In 802.1X authentication, the 802.1X client notifies the user of authentication failure. In Portal authentication, the Portal server pushes an authentication failure message to the user. The user then choose whether to perform reauthentication.

Precautions

  • If the command is executed in both the interface view and system view, the configuration in interface view takes effect.

  • This function takes effect only for users who go online after this function is successfully configured.

  • This command is only applicable to the 802.1X authentication and Portal authentication.

Example

# Configure GE0/0/1 to return an authentication failure packet to the 802.1X client or Portal server when a user fails in authentication.

<HUAWEI> system-view
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] authentication event authen-fail response-fail
Parent Topic: NAC Configuration Commands (Common Mode)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >