Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Load Balance RADIUS/PEAP Authentications

General question to the mass(es):

How do you handle simultaneous wireless PEAP authentications in volume?  When building an 802.1x backend, there is concern for the bandwidth of all of those simultaneous authentications making it to the server(s), through, and back to the end user in time.  Servers have a finite number of simultaneous authentications they can handle per second, so I'd like to avoid over-burdening any particular RADIUS server.  So I have three backend servers, all of which are entered into the controllers (3 4404 controllers).  As I understand it, the controller(s) will only move to the next server for authentications when the previous one becomes unresponsive.  Do I modify the EAP timeouts to force logins to the next server in a round-robin fashion (i.e. shorten to something like 5 sec), or is there some way to actually get the controller to load balance authentications to avoid exhausting any one of the servers?


New Member

Re: Load Balance RADIUS/PEAP Authentications

Hi Scott,

Do you really have that make request, so there will be problems with bandwidth or that the server can't handle all users?

To make it simple, can't you just use diffrent primary RADIUS on the three diffrent controllers. Not true round robin, but you would spread the authenication requests over all three servers. I don't think it's a good idea to mess with the timeouts.

Kind Regards


Re: Load Balance RADIUS/PEAP Authentications


How many clients? I have 3-5000 wireless clients on 1 ACS (we have a backup as well) with no issues.

__________________________________________________________________________________________ "Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin ___________________________________________________________
CreatePlease login to create content