Radius server offline could not login to switch when radius is offline

“Need to have local authentication enabled on switch for fail safe ”

Configure the switch to support both radius device login and local login

Here is the configuration that work on SW5500.

#
 password-control length 4
 password-control history 2
 password-control login-attempt 3 exceed lock-time 120
#
 super password level 3 simple password
#
 local-server nas-ip 127.0.0.1 key 3com
#
 domain default enable 3comdevicelogin
#
 dot1x
 dot1x timer tx-period 10
 dot1x timer handshake-period 1024
 dot1x authentication-method eap
#
radius scheme system
#
radius scheme 3comapsc
 server-type standard
 primary authentication 152.67.101.23
 accounting optional
 key authentication radius
 user-name-format without-domain
 nas-ip 152.67.101.54
#
radius scheme 3ComDeviceLogin
 server-type extended
 primary authentication 152.67.101.39
 accounting optional
 key authentication radius
 user-name-format without-domain
 nas-ip 152.67.101.54
#
domain 3comdevicelogin
 scheme radius-scheme 3ComDeviceLogin local
domain apsc
 scheme radius-scheme 3comapsc
domain system
#
local-user admin
 service-type ssh telnet terminal
 level 3
 password-control aging 90
local-user manager
 service-type ssh telnet terminal
 level 2
local-user monitor
 service-type ssh telnet terminal
 level 1
#

Notes: The switch support radius login, OR local login, but not both methods

Switch 7700

Router 5000 Series

Router 3000 Series

Router 6000 Series

Switch 8800

Switch 5500

Switch 5500G

Switch 7750

Switch 4500