Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

IOS VPN server to Multiple Radius Servers

Does anyone know how to configure the IOS VPN server, 7206 running 12.2.13T, to do the authentication to Multiple Radius servers ?

I have two Radius Servers with different user accounts. I need to configure the vpn server to allow connection from user if either one of Radius server is replied with Accept

Cisco Employee

Re: IOS VPN server to Multiple Radius Servers

You can't do this in IOS. The router will always try the first server in the list, and if that server doesn't have the username in it, it'll reply with an Access-Reject. At this point the router will reject the connection, it won't go and try the second server.

Your best bet is to set up the ACS servers to proxy off one another, and just point the router to one of them. This way the request will always go to one specific Radius server, but that radius server will check the ohter server's database to see if the username is valid.

New Member

Re: IOS VPN server to Multiple Radius Servers

Many thanks for your reply. Could you tell me what ACS server have such function as I not familiar with ACS software ?



CreatePlease login to create content