02-17-2010 03:02 AM - edited 03-10-2019 04:57 PM
1. Suppose we have mutliple Radius server in a Netowrk. If primary Radius server goes down , how secondary server will come into the picture..
2. Where can we check ,which Radius server is active (Primary or secondary Radius server)
3. Is there any limit like one server can authenticate a number of clients?
Thanks
Sri
02-17-2010 09:38 AM
Sri,
1) Its the NAS that brings up secondary radius server. First it will try hitting primary radius server and if there is no response it will then try seoncdary radius.
2) On ASA you can use this command to check the server status,
ASA# show aaa-server protocol radius
On IOS
Switch#show aaa servers
RADIUS: id 3, priority 1, host 192.168.26.119, auth-port 1645, acct-port 1646
State: current UP, duration 151040s, previous duration 0s
Dead: total time 0s, count 0
Quarantined: No
Authen: request 6, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 190ms
Transaction: success 6, failure 0
Author: request 0, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Account: request 0, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Elapsed time since counters last cleared: 1d17h33m
RADIUS: id 4, priority 2, host 192.168.1.99, auth-port 1645, acct-port 1646
State: current UP, duration 151040s, previous duration 0s
Dead: total time 0s, count 0
Quarantined: No
Authen: request 0, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Author: request 0, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Account: request 0, timeouts 0
Response: unexpected 0, server error 0, incorrect 0, time 0ms
Transaction: success 0, failure 0
Elapsed time since counters last cleared: 0m
3) I'm not aware of any limit that can be configured on radius. But there are certain paremeters you can set up (That depends on verdor)
Regards,
~JG
Do rate helpful posts
02-17-2010 06:30 PM
Thanks for your help :-)
ACS server is installed on Windows server ,then How IOS commands are executed on windows server ?
Thanks in Adv
Sri
02-17-2010 11:53 PM
Thanks for your help :-)
ACS server is installed on Windows server ,then How IOS commands are executed on windows server ?
Thanks in Adv
Sri
Sri,
It is not the things if ACS is installed in windows or an appliance,The main thing is protocol service that clients used to communicate with ACS server on Radius or TACAS protocol.
If you have cofnigured on aaa client both the radious server along with key and also configured the retry count for radious server then for that particular retry count it will try to primary server if it not respond then secondary will come in to picture.
Hope to Help !!
If helpful do rate the post
Ganesh.H
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: