In a typical 802.1X + MAC Security, CAK/CKN for Macsec Key Agreement (MKA) protocol are derived from the key material of a successful 802.1X session. Currently, if an 802.1X authenticator can’t authenticate 802.1X supplicant successfully because of an unreachable AAA Server/Radius server, by default, the authenticator blocks all traffic on the port and keeps the port as “unauthorized”.