@Jason2005  most of these commands are described in the Cisco ISE wired prescriptive guide https://community.cisco.com/t5/security-knowledge-base/ise-secure-wired-access-prescriptive-deployment-guide/ta-p/3641515

Send the Service-Type attribute in the authentication packets, which is important for ISE to distinguish between the different authentication methods:

c9300-Sw(config)#radius-server attribute 6 on-for-login-auth

Send the IP address of an endpoint to the RADIUS server in the access request:

c9300-Sw(config)#radius-server attribute 8 include-in-access-req

Include the class attribute in an access request for network access authorization:

c9300-Sw(config)#radius-server attribute 25 access-request include

Define how a switch must detect a RADIUS server reachability failure:

c9300-Sw(config)#radius-server dead-criteria time 10 tries 3

Specifies the number of seconds a switch waits for a reply to a RADIUS request before resending the request. The default is 5 seconds; the range is 1 to 1000.

Switch(config)# radius-server timeout 3

Enables the network access server to recognize and use vendor-specific attributes as defined by RADIUS IETF attribute 26

Device(config)# radius-server vsa send  [accounting | authentication] 

https://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/multibook/configuration_guide/b_consolidated_config_guide_3850_chapter_0101111.html