Administrator Guide
Security Commands 927
authentication event fail retry
Use the authentication event fail retry command to select the number of
times authentication is reattempted by the user for an IEEE 802.1X
supplicant. Use the no form of the command to return the number of
maximum attempts to the default value.
Syntax
authentication event fail retry
max-attempts
no authentication event fail retry
•
max-attempts
— The number of times RADIUS authentication is allowed
to fail before failing the authentication and moving to the next
authentication method. Default 1. Range 1–5.
Default Configuration
By default, the number of failed authentication attempts is 1. An
authentication failure is declared failed after a single authentication attempt
and the next authentication method is attempted.
Command Mode
Global Configuration mode
User Guidelines
The authentication manager must be enabled for this command to have
effect.
This command is only applicable to IEEE 802.1X authentication with a
RADIUS server. It has no effect on any other authentication method.
This parameter is independant of, and does not control, the number of times
the authenticator will attempt to contact the RADIUS servers. For example, if
the max-retries for a single configured RADIUS server is set to 3 and the max-
attempts is set to 2, on a supplicant login attempt, the authenticator will
send up to three access requests to the RADIUS server before returning
failure. The authenticator will then re-invoke supplicant authentication
method which allows the RADIUS back end to again send up to three
2CSNXXX_SWUM204.book Page 927 Monday, January 25, 2016 1:25 PM