Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

RADIUS servers supported on 802.1x scenario

Hi experts,

We are reviewing to deploy 802.1x with 2 or 3 RADIUS server to acomplish a 'high availability'' model, but we do not know if this is possible.

We tried to find out some information about, but documentation do not mention if is possible to deploy 802.1x AND two or three RADIUS server on same scenario.

Someone can help to clarify this?

Thanks

guruiz

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Purple

RADIUS servers supported on 802.1x scenario

There are two things that have to be taken into account:

1) Your NAD has to be configured with multiple RADIUS-Servers. If one server is declared dead, the second or third server is used. In IOS there are different ways to check if a server is available or not. This is documented in the 802.1x part of the configuratiuon guide of your switch.

2) The radius-servers have to replicate their database to all members. In the Cisco-portfolio that can be done with ACS or ISE. Others are using FreeRADIUS for that and some are even using the RADIUS-server that is íncluded with Windows Server.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
5 REPLIES
VIP Purple

RADIUS servers supported on 802.1x scenario

There are two things that have to be taken into account:

1) Your NAD has to be configured with multiple RADIUS-Servers. If one server is declared dead, the second or third server is used. In IOS there are different ways to check if a server is available or not. This is documented in the 802.1x part of the configuratiuon guide of your switch.

2) The radius-servers have to replicate their database to all members. In the Cisco-portfolio that can be done with ACS or ISE. Others are using FreeRADIUS for that and some are even using the RADIUS-server that is íncluded with Windows Server.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
New Member

RADIUS servers supported on 802.1x scenario

Hello Karsten,

Your answer is more than helpful.....Clear and enlightening.

Thank you much.

guruiz

New Member

RADIUS servers supported on 802.1x scenario

Hi Karsten,

I miss this question regarding Cisco ACS....do you know if it is necessary a specific license or additional software on ACS to support database replication ?

Thank you for your help.

Regards,

guruiz

VIP Purple

RADIUS servers supported on 802.1x scenario

You just need additional server-licenses, and if you have more then 500 NADs, then an additional "unlimited"-License for your whole deployment.

-- 
Don't stop after you've improved your network! Improve the world by lending money to the working poor:
http://www.kiva.org/invitedby/karsteni


--
Don't stop after you've improved your network! Improve the world by lending money to the working poor: http://www.kiva.org/invitedby/karsteni
New Member

RADIUS servers supported on 802.1x scenario

Hi Karsten,

Again ...thank you so much !

guruiz

199
Views
0
Helpful
5
Replies
CreatePlease login to create content