
An emergency Help for AAA authentication (multiple Accounting servers)

masih
Level 1

Hi,

We have a 5300 access server, providing authentication to our users with RADIUS, with an accounting server which is NTTacPlus on Windows. (It can also communicate with TACACS+.)

It works perfectly but we have another problem.

We want to have 2 accounting servers based on NTTacPlus with different databases, so the usernames that they have are not the same.

We want that, when a user requests authentication, our access server first sends it to the first accounting server; if it has that user, it authenticates it, otherwise it should send it to the second accounting server for authentication.

I have read a lot about this problem but I couldn't solve it. All the documentation I read is about backup servers, which does not solve my problem because the databases of the two servers are different.

I know that if the first security server doesn't have that username it sends a FAIL message, not an ERROR message, to the access server, so the other methods in AAA won't be attempted (for example, if the second accounting server communicates with the access server using TACACS+).

I also have to say that we don't want our users to determine the accounting server with directed-Broadcast with an @ sign in their usernames.

I am waiting for your replies.

Thanks,

1 Reply

jsivulka
Level 5

I was wondering if putting the servers in different groups would help? Please do let me know if you figure something out.
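
The FAIL versus ERROR behaviour described in the question, modelled with each server in its own group as one method of a method list. This is an added Python example, not code from either poster or from Cisco; the group names GRP1/GRP2, the users and the passwords are constructed.

```python
import hmac
from enum import Enum

class Result(Enum):
    PASS = "PASS"    # a server answered: accept
    FAIL = "FAIL"    # a server answered: reject (unknown user or bad password)
    ERROR = "ERROR"  # no server in the group answered

class ServerGroup:
    """One method in the list. servers: list of (reachable, {user: password})."""
    def __init__(self, name, servers):
        self.name, self.servers = name, servers

    def authenticate(self, user, password):
        for reachable, users in self.servers:
            if not reachable:
                continue  # timeout: try the next server in the same group
            stored = users.get(user)
            ok = stored is not None and hmac.compare_digest(stored, password)
            return Result.PASS if ok else Result.FAIL
        return Result.ERROR

def run_method_list(methods, user, password):
    """Walk the method list; move to the next method only on ERROR."""
    trace = []
    for method in methods:
        result = method.authenticate(user, password)
        trace.append((method.name, result.value))
        if result is not Result.ERROR:
            return result, trace  # PASS or FAIL is final
    return Result.FAIL, trace  # every method errored: deny

# Constructed sample data: two servers with disjoint user databases.
DB_A = {"alice": "pw-a"}
DB_B = {"bob": "pw-b"}

def demo(first_server_up):
    methods = [ServerGroup("GRP1", [(first_server_up, DB_A)]),
               ServerGroup("GRP2", [(True, DB_B)])]
    return run_method_list(methods, "bob", "pw-b")

if __name__ == "__main__":
    print(demo(True))   # bob is rejected by GRP1; GRP2 is never asked
    print(demo(False))  # GRP1 times out, so GRP2 is asked and accepts bob
```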