MultiAuth Configuration
MultiAuth must be enabled if the RADIUS-Snooping configuration involves the authentication of more than a single user on a port. There are two aspects to multiauthentication in a RADIUS-Snooping configuration:
- The global MultiAuth mode must be changed from the default mode of strict to multi, in order to authenticate multiple downstream users.
- The MultiAuth port mode must be set to auth-opt for both upstream (to the RADIUS server) and downstream (to the authenticating switch) ports. Setting global MultiAuth to multi sets the default port value from auth-opt to force-auth. Reset the mode for the affected ports to auth-opt.
See the MultiAuth Authentication for a complete discussion on MultiAuth configuration.