Specifications
authentication force-authorized enable
352
authentication force-authorized enable
When the following state exists for all Layer 2 authentications, a terminal subject to
authentication that requested authentication is forcibly changed to the authenticated state.
RADIUS authentication is specified but there is no response from the designated
RADIUS server
Syntax
To set information:
authentication force-authorized enable
To delete information:
no authentication force-authorized enable
Input mode
(config)
Parameters
None
Default behavior
None
Impact on communication
None
When the change is applied
The change is applied immediately after setting values are changed.
Notes
1. Be especially careful when using this functionality, as it can pose security problems.
2. In dynamic VLAN mode, the native VLAN of the applicable port is assigned as the
post-authentication VLAN.
If you want to assign a specific VLAN as the post-authentication VLAN, do so by
using the
authentication force-authorized vlan command.
3. This command cannot be set if at least one of the following commands is set for a
Switch:
dot1x force-authorized
dot1x force-authorized vlan
mac-authentication force-authorized vlan
mac-authentication static-vlan force-authorized
web-authentication force-authorized vlan
web-authentication static-vlan force-authorized
4. This operates only when RADIUS authentication is set. If multiple authentication
methods are set, the forced authentication functionality does not operate.
5. Register general-use RADIUS server information or authentication-specific RADIUS
server information. For details, see 5. Overview of Layer 2 Authentication in the
Configuration Guide Vol. 2.