Yes, I'm referring to the "fail-through" option in the server-group settings. What you've explained is what I thought it was but then in the User Guide it says:
"This feature is not supported for 802.1x authentication with a server group that consists of external EAPcompliant
RADIUS servers. You can, however, use fail-through authentication when the 802.1x
authentication is terminated on the controller (AAA FastConnect)."
Does this mean that this option is meaningless if external RADIUS servers are being used? Does it mean that the user is not allowed until he is authenticated by all the servers listed?