We ahve a 5500 WLC, with 3 radius servers defined. We are doing EAP-TLS authentication for our wireless clients. Sometimes if there is a radius server issue, the WLC will send send requests to the secondary or tertiary radius server for client authentication requests. Also, if there is a problem with the radius server, we do not know which one the controller is using.
Is there a CLI command on the WLC to tell which is the active radius server its using for authentications? It's not always the primary even if the primary is responding.
You can see it I'm the logs or even of you run a debug command. You might also try to do a show radius summary but that might not tell you which one it's using. There is a radius fallback on new code versions of the WLC also.
I feel your pain. To add to Scott's post, I normally check the statistics from the main monitor page and then Aaa ..
Sent from Cisco Technical Support iPhone App
"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
Transferring Crash file from standby: Login to the Active WLC in HA.
From CLI: (Cisco Controller) >transfer upload datatype crash (Cisco
Controller) >transfer upload filename (Cisco
Controller) >transfer upload mode tftp (Cisco Controller) >transfer
This is the start of a display filter cross reference between Wireshark
and OmniPeek. The 1st installment is a table of advanced filters. More
filters will be added as time allows. It is a living doc, so check back
for changes every so often Please feel f...