Add a RADIUS timeout VLAN to a security policy 6.4.3
When an 802.1x authentication request to a RADIUS server times out, the FortiSwitch port can be assigned to the timeout VLAN specified in the security policy.
Example
In this example, a 802.1x security policy has been applied on port6 of the managed FortiSwitch. The PC tries to authenticate to the RADIUS server, but the server is not available. After 10 seconds, the authentication times out, and the PC is put into the timeout VLAN vlan22.
To configure the security policy:
config switch-controller security-policy 802-1X edit "auth-timeout" set user-group "1X_RADIUS_GROUP" set mac-auth-bypass disable set open-auth disable set eap-passthru enable set eap-auto-untagged-vlans enable set guest-vlan disable set auth-fail-vlan disable set framevid-apply enable set radius-timeout-overwrite disable set authserver-timeout-vlan enable set authserver-timeout-period 10 set authserver-timeout-vlanid "vlan22" next end