As of LCOS 10.92, the Dynamic RADIUS Caching feature is available.
Dynamic RADIUS Caching allows client authentication according to IEEE 802.1X even when there is no data connection to the RADIUS server. To achieve this, RADIUS Accept messages are cached and retained for a defined period to allow re-authentication of the respective clients. With MAC-based authentication, clients can reauthenticate on the port even if the RADIUS server is temporarily unavailable.
In LANconfig you can find the settings under .
- Supervision profile
- Specify a monitoring or supervision server for Dynamic RADIUS Caching here. See Cache response.
- Cache response
-
Dynamic RADIUS Caching allows client authentication via IEEE 802.1X even when no data connection to the RADIUS server is
available. RADIUS Accept messages are cached and retained for a defined period (see Cache lifetime)
to enable re-authentication of the respective clients. Using MAC-based authentication, clients can re-authenticate at the
port even if the RADIUS server is temporarily unavailable.
Important:
Only PAP is supported.
Only MAC-based authentication is supported.
For monitoring purposes, a supervision server must be configured (see Supervision profile).
Note: Under you can view the current Dynamic RADIUS Cache. The command-line instruction show radius-server response-cache shows all entries in full detail. You can narrow the results using wildcards. Example: show radius-server response-cache * testuser shows only entries for the user "testuser". - Cache lifetime
- Specify the time period for Dynamic RADIUS Caching here. See Cache response.
