Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1828
Views
0
Helpful
2
Replies

Changing the default radius source ip address for one group only

Go to solution
pwilliams86
Level 1
Level 1

‎06-11-2020 03:08 AM

Hi,

We have a two radius groups configured on our switch. The first one is live and it uses the source ip address 192.168.240.10 to communicate with a local ISE environment. The radius source interface hasnt been configured anywhere, the switch has just picked that interface. The second radius group (not live at the moment) needs to use a different source IP address (to the default 192.168.240.10) as it is connecting to a separate remote ISE environment and we cant route the 192 address.

  1. Firstly, is this the config in bold that will enable that group to use a different radius IP? The vlan in question has a routable address.
    aaa group server radius remoteISE12
     server name remoteISE01
     server name remoteISE02
     ip radius source-interface vlan vlan-name
  2. I want to check that manually setting the source address for one group wont affect the other live group. I feel like it shouldnt but as this is a live environment I would like to be sure.

Many thanks,

Paddy

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎06-11-2020 06:13 AM

I want to check that manually setting the source address for one group wont affect the other live group. I feel like it shouldnt but as this is a live environment I would like to be sure.
-It wont affect the other group. The only way something could possibly cause an issue is if you globally configured a different radius source-interface. As long as they are configured to be unique under each group you are fine.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Surendra
Cisco Employee
Cisco Employee

‎06-11-2020 03:42 AM

IT doesn’t. You should be fine.
0 Helpful

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎06-11-2020 06:13 AM

I want to check that manually setting the source address for one group wont affect the other live group. I feel like it shouldnt but as this is a live environment I would like to be sure.
-It wont affect the other group. The only way something could possibly cause an issue is if you globally configured a different radius source-interface. As long as they are configured to be unique under each group you are fine.
0 Helpful
Customers Also Viewed These Support Documents