The radius-attribute service-type with-authenonly-reauthen command sets the reauthentication mode to reauthentication only.
The undo radius-attribute service-type with-authenonly-reauthen command restores the reauthentication mode to reauthentication and reauthorization.
By default, the reauthentication mode is reauthentication and reauthorization.
radius-attribute service-type with-authenonly-reauthen
undo radius-attribute service-type with-authenonly-reauthen
Usage Scenario
If a user needs to be reauthenticated, the device delivers authorization information to all online users after the user is successfully authenticated. If many online users and authorization configurations exist on the device, the device cannot promptly deliver authorization information, causing an authorization failure and user disconnection. After the radius-attribute service-type with-authenonly-reauthen command is run in the RADIUS server template view, the device only reauthenticates users during reauthentication, and does not redeliver authorization information, preventing users from going offline due to authorization failures.
Precautions
After the radius-attribute service-type with-authenonly-reauthen command is configured, users still use the original authorization information after being successfully reauthenticated even if the user authorization information changes.
This function takes effect only when the Service-Type attribute of a RADIUS server is Authenticate Only.
After the reauthentication mode is set to reauthentication only, the user name remains unchanged during reauthentication.
If server authorization packets carry the following attributes during reauthentication, this function does not take effect, but changes to the following authorization are still supported: