Since we are an university we offer eduroam. The principe of eduroam is that you send the requests to the partner universities. When someone is from University Ghent you use the following as username: email@example.com
Our wlc's get the username + pass on wlan3 and sends this to the ISE. The ise's send these to the remote radius of the correct university.
Today one of these universities had a problem with their radius and no one could login with their credentials. The users kept on trying and suddenly all I could see in my ISE's was a red colour of fails. Because of the many fails the ISE's load went skyhigh which meant the users on the other WLAN's couldn't login as well because they use the same ISE's.
How is it possible that these fails caused the huge load and massive fails?
How can I resolve this? On wlc level by using the client exclusion policies or should I do something on the ISE?