Page 1 of 1

Adding Several Radius Servers

Posted: Mon Nov 26, 2007 9:18 pm
by gmsmstr
What is the flow for multiple Radius Servers?

i.e. Is it for backup, the first is not avialble, does it fail to the second?
or. if the first can't auth, i.e. access denied, does it try they second one for a auth?

Re: Adding Several Radius Servers

Posted: Thu Nov 29, 2007 2:52 pm
by chris84
I'd also like to know how that is treated.

Re: Adding Several Radius Servers

Posted: Thu Nov 29, 2007 5:06 pm
by gmsmstr
Nothen yet.. ;) Bump.

Re: Adding Several Radius Servers

Posted: Fri Nov 30, 2007 11:03 am
by savage
Has been discussed before, search the archives.

If memory serves me right, its in the order they are added. If the 1st doesn't respond, it attempts against the next server listed.

Re: Adding Several Radius Servers

Posted: Fri Nov 30, 2007 1:13 pm
by sergejs
You can't authenticate to both radius server at the same time, only if first
fails it will go to the second or if you want to use the second radius for
accounting backup purposes.

You can create a radius client with accounting-backup enabled and move it
above the primary radius server.
In adition if you want to use it as a backup radius server then you should add
another entry after the main radius entry.

Re: Adding Several Radius Servers

Posted: Fri Nov 30, 2007 4:48 pm
by gmsmstr
Can you define failed. Failed as in, the first radius server has denied access or the timeout value has been exceeded waiting for a response?

Re: Adding Several Radius Servers

Posted: Mon Dec 03, 2007 8:34 am
by sergejs
Failed means no data communication in any way (timeout, access denied, etc.).

Re: Adding Several Radius Servers

Posted: Tue Dec 04, 2007 12:39 pm
by Trisc
Sergejs

We want to add a second Radius server, belonging to a VOIP provider, so their customers VOIP handsets can authenticate through our hotspots.

How could we do this if the second RADIUS entry is just for failover?

Re: Adding Several Radius Servers

Posted: Tue Dec 04, 2007 1:42 pm
by sergejs
Trisc, could you be more specific about the login method, that VoIP phone will use ?
There are no any problems, when device has web-browser, than 'option' domain is used to sort HotSpot clients over RADIUS server 1 or RADIUS server 2.

Re: Adding Several Radius Servers

Posted: Wed Dec 19, 2007 7:01 am
by jonmansey
I heard that failover to the second radius server works, but it never reverts back to using the primary. this could be fixed with a periodic script to disable the secondary thus leaving only the primary, this ought to force it to fail back to the primary. I havent tested it.

jm

Re: Adding Several Radius Servers

Posted: Wed Dec 19, 2007 9:24 am
by sergejs
As far as I know 3.0 version RADIUS client is working in the following way, at the beginning first server is contacted, then second if first is not responding or you are talking about accounting-backup (?).