cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
412
Views
0
Helpful
2
Replies

Radius failover faliure 2948g

rcierny
Level 1
Level 1

Greetings,

I am trying to configure dot1x access control with redundant (failover) radius servers.

The 2948G is running 8.4(11)GLX

2 radius servers are configured.

When primary radius server service fails the radius service does not fail over to second server.

Pertinent config:

RADIUS Deadtime: 5 minutes

RADIUS Retransmit: 2

RADIUS Timeout: 5 seconds

Framed-Ip Address Transmit: Disabled

RADIUS-Server Status Auth-port Acct-port

----------------------------- ------- ------------ ------------

192.168.1.18 primary 1812 1813

192.168.1.17 1812 1813

(ip permit allowed for the 2 servers both servers respond to pings)

Any ideas?

2 Replies 2

smahbub
Level 6
Level 6

Check if you are able to access the secondary server by using the secondary server alone so that any issues related to the secondary server can be found. Also check if the configuration in radius server 2 is similar to that of server 1 if not make the necessary changes.

For more information refer the URL:

http://www.cisco.com/en/US/docs/switches/lan/catalyst2948gand4908g/12.0_18_w5_22a/configuration/guide/cmd_ref.html#wp102341

Yes the secondary server works when configured as the primary. Config is the same.It is the failover which is the problem when primary server is not available...

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco