
WLC RADIUS fail-over behavior

All -

I'm having an academic debate with a colleague regarding the fail-over behavior amongst RADIUS servers configured on a WLAN controller. My understanding is that unlike the autonomous APs, there is no such thing as a 'dead' timer and that the failover behavior is like this:

1. Primary AAA server available and ALL requests go to this server (unless you manually change the order of primary, secondary, tertiary on a per-WLAN basis to effectively 'load-balance').

2. The primary AAA server is used until it goes down, at which time the secondary AAA server will be used until it cannot be contacted. Once this goes down, the controller will use the tertiary, and then back to the primary.

My argument is that there is no pre-emptive recovery of the AAA server back to the previous one when it comes back online. I have not actually played with this in the lab, but I don't see any parameters in the GUI or the CLI that would allow me to affect the failover behavior. I have also referenced the full CLI guide for all controller releases and have not found anything useful in this situation.


Re: WLC RADIUS fail-over behavior

It seems that the RADIUS server on the WLC keeps on falling between primary and secondary. To fix this issue I would suggest changing the RADIUS timeout to 10 secs from the default value of 2 secs.

Sometimes ACS takes more than 2 secs to respond, and due to that the WLC jumps to the second RADIUS server as it had waited for 2 secs.

So here it all depends on the RADIUS timeout setting. If there is no response from the primary ACS for 2 secs, it will fall back to the secondary ACS.



Do rate helpful post
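
The behaviour discussed in this thread, as an added example that is not part of either post and is not Cisco's code: a small Python model of sticky failover (no pre-emptive return to the primary) driven by the RADIUS timeout. It assumes one attempt per server per request, and the response times are constructed sample values.

```python
# Added illustration: models the failover behaviour as described in the thread.
# Assumptions: one attempt per server per request, no dead timer, no preemption.
NAMES = ["primary", "secondary", "tertiary"]


def simulate(timeout, request_latencies):
    """Return which server answered each request (None if none did).

    request_latencies holds one list per request with each server's response
    time in seconds, in NAMES order; None means the server is unreachable.
    """
    active = 0  # index of the server currently in use
    answered_by = []
    for latencies in request_latencies:
        winner = None
        # Start at the active server and walk the list, wrapping around.
        for step in range(len(NAMES)):
            idx = (active + step) % len(NAMES)
            rtt = latencies[idx]
            if rtt is not None and rtt <= timeout:
                winner = idx
                break
        if winner is not None:
            active = winner  # sticky: stay on this server until it times out
        answered_by.append(NAMES[winner] if winner is not None else None)
    return answered_by


# Constructed response times in seconds (primary, secondary, tertiary).
SAMPLE = [
    [0.4, 0.3, 0.3],   # everything healthy
    [3.0, 0.3, 0.3],   # primary answers, but slower than a 2 s timeout
    [0.4, 0.3, 0.3],   # primary is fast again
    [0.4, None, 0.3],  # secondary unreachable
    [0.4, 0.3, None],  # tertiary unreachable
]

if __name__ == "__main__":
    for timeout in (2, 10):
        print(f"timeout={timeout}s:", simulate(timeout, SAMPLE))
```

In this model, a single slow reply at the 2-second timeout moves authentication off the primary, and it only returns there after the secondary and tertiary have each failed; at 10 seconds the same slow reply is absorbed and the primary serves every request.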
