Enabling the authorization-fail-offline feature
The authorization-fail-offline feature logs off port security users who fail ACL authorization.
A user fails ACL authorization in the following situations:
The device fails to authorize the specified ACL to the user.
The server assigns a nonexistent ACL to the user.
This feature does not apply to users who fail VLAN authorization. The device logs off these users directly.
To enable the authorization-fail-offline feature:
Step | Command | Remarks |
---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable the authorization-fail-offline feature. | port-security authorization-fail offline | By default, this feature is disabled, and the device does not log off users who fail ACL authorization. |