Got it

NAC authentication unified-mode missing by default

1385 0 0 0 0

Hey there! This is a case about how to deal with NAC authentication unified-mode missing by default.

Issue description: 

We received a new switch, model S5720-52X-PWR-SI-ACF, with version V200R010C00SPC600 that was switched to NAC common mode after upgrade and usually should have been in NAC unified mode.

According to documentation, “starting from V200R005C00, the default NAC mode changes from common mode to unified mode”. That means command “authentication unified-mode” is added by default. Therefore, he loaded a basic configuration file with commands for NAC unified mode as below:


authentication-profile name default_authen_profile

authentication-profile name dot1x_authen_profile

authentication-profile name mac_authen_profile

authentication-profile name portal_authen_profile

authentication-profile name dot1xmac_authen_profile

authentication-profile name multi_authen_profile

authentication-profile name epshp-authentication

dot1x-access-profile epshp

access-domain dot1x force

After loading the basic configuration we noticed a new command added, “undo authentication unified-mode”, which actually neglects the unified mode that should have been default already. Also the commands were removed from the basic config.

When the new switch receives the basic configuration, we looked for software version inside it. If no software version is detected, then it adopts the NAC common mode and add the command “undo authentication unified-mode”. To overcome this issue, we added line below in green and, after loading the configuration file, the NAC mode was left to unified.


  ===============display current-configuration===============


!Software Version V200R010C00SPC600


sysname SYSNAME


FTP server enable


info-center loghost facility local0


Vlan batch 56 60 1000


vcmp role silent


If you have any problems, please post them in our Community. We are happy to solve them for you!

  • x
  • convention:


You need to log in to comment to the post Login | Register

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits


Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Please bind your phone number to obtain invitation bonus.