authorization-info check-fail policy
Function
The authorization-info check-fail policy command determines whether the device allows users to go online after the authorization information check fails.
The undo authorization-info check-fail policy command restores the default configuration.
By default, the device prohibits users to go online after the authorization information check fails.
Format
authorization-info check-fail policy { online | offline }
undo authorization-info check-fail policy
Usage Guidelines
The device supports user authorization through the ACL, User Group and VLAN delivered from the RADIUS server. The ACL and User Group are delivered with the Filter-Id attribute of packets sent from the RADIUS server. The VLAN attribute is delivered with the Tunnel-Type, Tunnel-Medium-Type, or Tunnel-Private-Group-ID attribute of packets sent from the RADIUS server. If the ACL, User Group and VLAN delivered from the RADIUS server are not configured on the device, the authorization information check fails on the device.
By default, users are denied access if they fail the authentication. You can use this command to configure the users to go online and the authorization information delivered by the RADIUS server does not take effect.