Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Key precedence when using aaa group server and radius-server host

Looking at the following configuration on a Cisco Router:

!
aaa group server radius 8021x
  server-private 192.168.1.1 auth-port 1812 acct-port 1813 key SECRET-A
!
aaa group server radius radius-auth
server-private 192.168.2.1 auth-port 1645 acct-port 1646 key SECRET-B
!
radius-server host 192.168.1.1 auth-port 1812 acct-port 1813 key SECRET-C
!

The question is:

When considering the radius server 192.168.1.1 which password / key will take precedence: SECRET-A or SECRET-B ?

Reading the documentation posted below the answer is:

SECRET-A, because: In cases where both global commands and server commands are used, the server command will take precedence over the global command.

Does anyone know if this is correct ? Which key will take precedence ?

See:

See: http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfrad.html#wp1001168

See: http://www.cisco.com/en/US/docs/ios/12_2/security/configuration/guide/scfrad.html#wp1001482

Everyone's tags (4)
1303
Views
0
Helpful
0
Replies
CreatePlease login to create content