Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
439
Views
0
Helpful
1
Replies

can cisco be configured to log into 2 radius servers?

uy
Level 1
Level 1

‎08-06-2002 11:32 AM - edited ‎02-20-2020 09:18 PM

i need to have the radius information logged to tow servers for redudancy requirements.

if so what would be the sample radius part config on the cisco box?

thanks.

Labels:
0 Helpful
1 Reply 1

jekrauss
Level 1
Level 1

‎08-06-2002 03:52 PM

You can't authenticate (login) to two radius servers - otherwise you might get conflicting responses.

You can configure your router for redundancy so that it contacts the subsequent radius servers after your primary server fails to respond. Just add additional radius-server host entries for other radius servers.

You can, however, send accounting information to more than one radius server:

Configuring AAA Broadcast Accounting

The following example shows turning on broadcast accounting using the global aaa accounting command:

aaa group server radius isp

server 1.0.0.1

server 1.0.0.2

aaa group server tacacs+ isp_customer

server 3.0.0.1

aaa accounting network default start-stop broadcast group isp group isp_customer

radius-server host 1.0.0.1

radius-server host 1.0.0.2

radius-server key key1

tacacs-server host 3.0.0.1 key key2

Detailed configuration information available here:

http://www.cisco.com/univercd/cc/td/doc/product/software/ios121/121newft/121t/121t1/dt_aaaba.htm#xtocid90568

HTH

Jeff

0 Helpful
Customers Also Viewed These Support Documents