Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Radius Source

I have several routers with backup links and we use Radius for authentication into those routers. It seems like the Radius uses the primary serial link to connect to the Radius server. When the link fails and it switches over to the backup I can't login with Radius. Is there any way to tell it to use the Lan Port IP?

1 ACCEPTED SOLUTION

Accepted Solutions
Silver

Re: Radius Source

Hello,

Check the following command:

radius source-interface "type/mod"

bye

FCS

Please rate me if I helped.

6 REPLIES
Silver

Re: Radius Source

Hello,

Check the following command:

radius source-interface "type/mod"

bye

FCS

Please rate me if I helped.

Hall of Fame Super Silver

Re: Radius Source

On the router I checked the syntax is actually ip radius source-interface

You could point it at the LAN interface if you desire to. Frequently it is considered best practice to point it to a lookback interface (if the router has a loopback interface).

HTH

Rick

New Member

Re: Radius Source

Thanks I found that command as well. Can you elaborate more on the loopback interface? I don't have one setup.

Hall of Fame Super Silver

Re: Radius Source

Jobe

A loopback interface is a virtual interface that can be configured on the router. With normal interfaces there could be a problem in the network or the cable could be unplugged and the interface goes down. With loopback interfaces you have removed the physical dependencies. So loopback interfaces are more stable than physical interfaces.

There are many functions on the router for which loopback interfaces are useful. As your question raises it may be beneficial to use the loopback as the source for radius requests. The loopback can also be used as the source address for other things including syslog, telnet, tftp, ftp, ntp. This means that it eliminates ambiguity for those applications. No matter which interface carried the traffic it always appears to be from the same source.

There are other situations in which it is helpful to have a loopback interface. Many of the routing protocols may use a loopback interface as its router ID for example.

HTH

Rick

New Member

Re: Radius Source

Thanks for Clarifying Rick. This seems like the better way to go for those types of services.

New Member

Re: Radius Source

Thanks you sent me down the right path. Here's the command.

ip radius source-interface subinterface-name

245
Views
0
Helpful
6
Replies