Apologies in advance if this is an easy one...
Basically the question is in EXOS, what would be the configuration to fail authentication open albeit MAC, PEAP, EAP-TLS etc if both RADIUS / NAC appliances become unavailable?
With NAC / RADIUS not available I would either need to fail open, or do something else that would still grant access to the network.
Appreciate anything already authenticated onto the network would stay connected. I believe there is a timer that can be configured to set the re-authentication time or turn off completely.
An option could possibly move to local switch authentication using MAC addresses if all those are previous stored / configured on the switch?
Possibly use something like the following:
configure netlogin authentication failure vlan Default ports 1-22
configure netlogin authentication service-unavailable vlan Default ports 1-22
Although some ports like phones might have multiple VLAN's, so not sure how that would work.
Possibly something else I haven't thought of or found?
Many thanks in advance