Currently I have 802.1x with ACS working to authenticate users to active directory. Eveyrhting is working great. I have added another ACS Appliance in our configuration for failover or redundancy. But when I unplug the ACS thats working I am unable to authenticate IP phones to the secondayr ACS. I see the following failed message in the logs of the 2nd ACS
"Authen session timed out: Challenge not provided by client"
If I run a debug on dot1x I get the following:
3d22h: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.168.233.42:1645,1646 is not responding.
3d22h: %RADIUS-4-RADIUS_ALIVE: RADIUS server 192.168.233.42:1645,1646 has returned.
3d22h: %RADIUS-4-RADIUS_DEAD: RADIUS server 192.168.233.42:1812,1813 is not responding
192.168.233.42 is the unplugeed ACS. It never reaches the secondary ACS