aaa authentication allow-fail-through
aaa authentication allow-fail-through
no aaa authentication allow-fail-through
Description
Enables authentication fail-through. If this feature is enabled, the next server or authentication method is tried after an authentication failure.
The no form of this command disables authentication fail-through. The system only attempts to reach the next server or authentication method if there is an accounting failure due to an unreachable TACACS+/RADIUS server or a shared key mismatch error between the switch and the server.
If your switch uses command authorization, best practices is to configure authorization fail-through before configuring authentication fail-through. If not, the switch may fall into an unusable state where authorization will fail for all commands.
Example
Enabling authentication fail-through:
For more information on features that use this command, refer to the Security Guide for your switch model.
Command History
|
Release |
Modification |
|---|---|
|
10.07 or earlier |
-- |
Command Information
|
Platforms |
Command context |
Authority |
|---|---|---|
|
All platforms |
config |
Administrators or local user group members with execution rights for this command. |
