Community discussions

MikroTik App
 
User avatar
gmsmstr
Trainer
Trainer
Topic Author
Posts: 942
Joined: Fri Jun 04, 2004 2:22 am
Location: St. Louis, MO
Contact:

Adding Several Radius Servers

Mon Nov 26, 2007 9:18 pm

What is the flow for multiple Radius Servers?

i.e. Is it for backup, the first is not avialble, does it fail to the second?
or. if the first can't auth, i.e. access denied, does it try they second one for a auth?
Dennis Burgess, MCTCE, MTCNA, MCTCTE, MTCWE, MTCNIE, A+, N+, MCP, MTCSE Mikrotik Certified Consultant / Trainer
Need Mikrotik Support: http://www.linktechs.net -- Link Technologies, Inc.
-- Author of "Learn RouterOS: Second Edition"
 
chris84
newbie
Posts: 31
Joined: Tue Mar 27, 2007 12:05 pm
Location: Vienna
Contact:

Re: Adding Several Radius Servers

Thu Nov 29, 2007 2:52 pm

I'd also like to know how that is treated.
 
User avatar
gmsmstr
Trainer
Trainer
Topic Author
Posts: 942
Joined: Fri Jun 04, 2004 2:22 am
Location: St. Louis, MO
Contact:

Re: Adding Several Radius Servers

Thu Nov 29, 2007 5:06 pm

Nothen yet.. ;) Bump.
Dennis Burgess, MCTCE, MTCNA, MCTCTE, MTCWE, MTCNIE, A+, N+, MCP, MTCSE Mikrotik Certified Consultant / Trainer
Need Mikrotik Support: http://www.linktechs.net -- Link Technologies, Inc.
-- Author of "Learn RouterOS: Second Edition"
 
savage
Forum Guru
Forum Guru
Posts: 1220
Joined: Mon Oct 18, 2004 12:07 am
Location: Cape Town, South Africa
Contact:

Re: Adding Several Radius Servers

Fri Nov 30, 2007 11:03 am

Has been discussed before, search the archives.

If memory serves me right, its in the order they are added. If the 1st doesn't respond, it attempts against the next server listed.
Regards,
Chris
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6630
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Re: Adding Several Radius Servers

Fri Nov 30, 2007 1:13 pm

You can't authenticate to both radius server at the same time, only if first
fails it will go to the second or if you want to use the second radius for
accounting backup purposes.

You can create a radius client with accounting-backup enabled and move it
above the primary radius server.
In adition if you want to use it as a backup radius server then you should add
another entry after the main radius entry.
 
User avatar
gmsmstr
Trainer
Trainer
Topic Author
Posts: 942
Joined: Fri Jun 04, 2004 2:22 am
Location: St. Louis, MO
Contact:

Re: Adding Several Radius Servers

Fri Nov 30, 2007 4:48 pm

Can you define failed. Failed as in, the first radius server has denied access or the timeout value has been exceeded waiting for a response?
Dennis Burgess, MCTCE, MTCNA, MCTCTE, MTCWE, MTCNIE, A+, N+, MCP, MTCSE Mikrotik Certified Consultant / Trainer
Need Mikrotik Support: http://www.linktechs.net -- Link Technologies, Inc.
-- Author of "Learn RouterOS: Second Edition"
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6630
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Re: Adding Several Radius Servers

Mon Dec 03, 2007 8:34 am

Failed means no data communication in any way (timeout, access denied, etc.).
 
Trisc
Member Candidate
Member Candidate
Posts: 242
Joined: Sat May 29, 2004 11:24 pm
Location: Glos, UK

Re: Adding Several Radius Servers

Tue Dec 04, 2007 12:39 pm

Sergejs

We want to add a second Radius server, belonging to a VOIP provider, so their customers VOIP handsets can authenticate through our hotspots.

How could we do this if the second RADIUS entry is just for failover?
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6630
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Re: Adding Several Radius Servers

Tue Dec 04, 2007 1:42 pm

Trisc, could you be more specific about the login method, that VoIP phone will use ?
There are no any problems, when device has web-browser, than 'option' domain is used to sort HotSpot clients over RADIUS server 1 or RADIUS server 2.
 
jonmansey
Frequent Visitor
Frequent Visitor
Posts: 72
Joined: Sat Sep 18, 2004 3:43 am

Re: Adding Several Radius Servers

Wed Dec 19, 2007 7:01 am

I heard that failover to the second radius server works, but it never reverts back to using the primary. this could be fixed with a periodic script to disable the secondary thus leaving only the primary, this ought to force it to fail back to the primary. I havent tested it.

jm
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6630
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Re: Adding Several Radius Servers

Wed Dec 19, 2007 9:24 am

As far as I know 3.0 version RADIUS client is working in the following way, at the beginning first server is contacted, then second if first is not responding or you are talking about accounting-backup (?).

Who is online

Users browsing this forum: cyb, Google [Bot], usmanmaniskp and 185 guests