radius-server authentication rollover-on-reject

Function

The radius-server authentication rollover-on-reject command enables a device to poll RADIUS servers for authentication after receiving a RADIUS Access-Reject packet.

The undo radius-server authentication rollover-on-reject command disables the function.

By default, this function is disabled.

This command is supported only on the NetEngine 8000 F1A.

Format

radius-server authentication rollover-on-reject

undo radius-server authentication rollover-on-reject

Parameters

None

Views

RADIUS server group view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
radius write

Usage Guidelines

Usage Scenario

If RADIUS servers in a RADIUS server group stores different user information, run the radius-server authentication rollover-on-reject command to allow a user that failed to be authenticated by a RADIUS server to be authenticated by another RADIUS server.

Configuration Impact

After you run this command, if a user fails to be authenticated by a RADIUS server in the group, the NetEngine 8000 F sends an Access-Request packet to another RADIUS server until the user is authenticated or fails to be authenticated by any RADIUS servers.

Precautions

In VS mode, this command is supported only by the admin VS.

Example

# Enable a device to poll RADIUS servers in the RADIUS server group named group1 for authentication after receiving a RADIUS Access-Reject packet.
<HUAWEI> system-view
[~HUAWEI] radius-server group group1
[*HUAWEI-radius-group1] commit
[~HUAWEI-radius-group1] radius-server authentication rollover-on-reject
Parent Topic: AAA and User Management Configuration (Access User)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >