Do the Cisco 2950 or 2960 support multiple radius servers?

wudandong
Level 1

Do the Cisco 2950 or 2960 support multiple radius servers? In case one radius server is down, I would like to have the switch try another radius server.

I tried this:

aaa new-model

aaa authentication dot1x default group radius

aaa authorization network default group radius

aaa accounting dot1x default start-stop group radius

radius-server host 172.30.0.27 auth-port 1812 acct-port 1813

radius-server host 172.30.0.28 auth-port 1812 acct-port 1813

radius-server retransmit 3

radius-server key 123456

When I turned off .0.27 at 10:00 PM, no systems tried to authenticate with .0.28 the next morning. I had to turn back on the radius service on .0.27 in order for systems to connect to the network again.

Following is the Debug log:

11w2d: RADIUS: ustruct sharecount=1

11w2d: RADIUS: EAP-login: length of radius packet = 143 code = 1

11w2d: RADIUS: Initial Transmit FastEthernet0/13 id 12 172.30.0.27:1812, Access-Request, len 143

11w2d: Attribute 4 6 AC1C003E

11w2d: Attribute 5 6 0000C35D

11w2d: Attribute 61 6 0000000F

11w2d: Attribute 1 16 7A68616E

11w2d: Attribute 30 19 30302D30

11w2d: Attribute 31 19 30302D31

11w2d: Attribute 6 6 00000002

11w2d: Attribute 12 6 000005DC

11w2d: Attribute 79 21 02000013

11w2d: Attribute 80 18 65CF0F80

11w2d: RADIUS: Retransmit id 12

11w2d: RADIUS: Retransmit id 12

11w2d: RADIUS: Retransmit id 12

11w2d: RADIUS: Marking server 172.30.0.27:1812,1813 dead

11w2d: RADIUS: Re-signed packet (key: 123456; rctx: 0x80D82308)

11w2d: RADIUS: Trying next server (172.30.0.28:1812,1813) for id12

11w2d: RADIUS: Retransmit id 12

11w2d: RADIUS: Received from id 12 172.30.0.28:1812, Access-Challenge, len 80

11w2d: Attribute 79 24 01010016

11w2d: Attribute 24 18 30336165

11w2d: Attribute 80 18 05C14D55

11w2d: RADIUS: EAP-login: length of eap packet = 22

11w2d: RADIUS: EAP-login: got challenge from radius

11w2d: RADIUS: ustruct sharecount=1

11w2d: RADIUS: EAP-login: length of radius packet = 178 code = 1

11w2d: RADIUS: Initial Transmit FastEthernet0/13 id 13 172.30.0.27:1812, Access-Request, len 178

11w2d: Attribute 4 6 AC1C003E

11w2d: Attribute 5 6 0000C35D

11w2d: Attribute 61 6 0000000F

11w2d: Attribute 1 16 7A68616E

11w2d: Attribute 30 19 30302D30

11w2d: Attribute 31 19 30302D31

11w2d: Attribute 6 6 00000002

11w2d: Attribute 12 6 000005DC

11w2d: Attribute 24 18 30336165

11w2d: Attribute 79 38 02010024

11w2d: Attribute 80 18 D118E3CD

11w2d: RADIUS: Retransmit id 13

11w2d: RADIUS: Retransmit id 13

11w2d: RADIUS: Retransmit id 13

11w2d: RADIUS: Marking server 172.30.0.27:1812,1813 dead

11w2d: RADIUS: Re-signed packet (key: 123456; rctx: 0x80D82360)

11w2d: RADIUS: Trying next server (172.30.0.28:1812,1813) for id13

11w2d: RADIUS: Fail-over denied to (172.30.0.28:1812,1813) for id13

11w2d: RADIUS: No response for id 13

Any suggestions would be greatly appreciated.

Thanks.
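
The debug output in the question, summarised per RADIUS request id, as an added example that is not part of the original post or of any Cisco tooling. The patterns are written only against the message formats visible in this log, and `SAMPLE_LOG`, `EVENTS` and `summarize` are names chosen here.

```python
import re

# Excerpt of the debug lines from the post (attribute lines omitted, wrapped lines joined).
SAMPLE_LOG = """\
11w2d: RADIUS: Initial Transmit FastEthernet0/13 id 12 172.30.0.27:1812, Access-Request, len 143
11w2d: RADIUS: Retransmit id 12
11w2d: RADIUS: Retransmit id 12
11w2d: RADIUS: Retransmit id 12
11w2d: RADIUS: Marking server 172.30.0.27:1812,1813 dead
11w2d: RADIUS: Trying next server (172.30.0.28:1812,1813) for id12
11w2d: RADIUS: Retransmit id 12
11w2d: RADIUS: Received from id 12 172.30.0.28:1812, Access-Challenge, len 80
11w2d: RADIUS: Initial Transmit FastEthernet0/13 id 13 172.30.0.27:1812, Access-Request, len 178
11w2d: RADIUS: Retransmit id 13
11w2d: RADIUS: Retransmit id 13
11w2d: RADIUS: Retransmit id 13
11w2d: RADIUS: Marking server 172.30.0.27:1812,1813 dead
11w2d: RADIUS: Trying next server (172.30.0.28:1812,1813) for id13
11w2d: RADIUS: Fail-over denied to (172.30.0.28:1812,1813) for id13
11w2d: RADIUS: No response for id 13
"""

EVENTS = {  # one pattern per debug message; "for id12" is logged without a space
    "start":    re.compile(r"Initial Transmit \S+ id (?P<id>\d+) (?P<srv>[\d.]+):"),
    "retry":    re.compile(r"Retransmit id (?P<id>\d+)"),
    "failover": re.compile(r"Trying next server \((?P<srv>[\d.]+):.*for id ?(?P<id>\d+)"),
    "reply":    re.compile(r"Received from id (?P<id>\d+) (?P<srv>[\d.]+):\d+, (?P<kind>[\w-]+)"),
    "denied":   re.compile(r"Fail-over denied to \((?P<srv>[\d.]+):.*for id ?(?P<id>\d+)"),
}

def summarize(log):
    """Return {request id: servers tried in order, retransmit count, final outcome}."""
    reqs = {}
    for line in log.splitlines():
        for name, rx in EVENTS.items():
            m = rx.search(line)
            if not m:
                continue  # lines matching no pattern (attributes, "Marking ... dead") are skipped
            r = reqs.setdefault(int(m["id"]), {"servers": [], "retransmits": 0, "outcome": "no reply seen"})
            if name in ("start", "failover"):
                r["servers"].append(m["srv"])
            elif name == "retry":
                r["retransmits"] += 1
            elif name == "reply":
                r["outcome"] = f"{m['kind']} from {m['srv']}"
            elif name == "denied":
                r["outcome"] = f"fail-over denied to {m['srv']}"
            break
    return reqs
```

On the posted log this shows request 12 being answered by 172.30.0.28 after fail-over, while request 13 starts again at 172.30.0.27 and ends with fail-over to 172.30.0.28 denied.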

2 Replies

Edison Ortiz
Hall of Fame

According to the documentation, multiple RADIUS servers are supported:

http://www.cisco.com/en/US/docs/ios/security/command/reference/sec_r1.html#wp1049418

I suggest removing .27, leaving .28 by itself, and verifying whether the problem is due to having multiple RADIUS entries or an incorrect setting on the .28 server.

HTH,

Edison.

Thanks for your suggestion. I am sure the .28 server is OK; it works properly on its own.

I will try the command: radius-server load-balance
