cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
961
Views
0
Helpful
5
Replies

Cisco ISE - VPN users authenticated with Secondary PSN

aslam.bajwa
Level 3
Level 3

Hi All ,

I have cisco ISE 2.2 Distributed deployment with Failover .

my Mobile VPN users are getting connected with Secondary PSN instead Primary PSN.

 now i want to know where is time-out configured ? in which if primary radius is not responding then VPN users authenticating by Secondary PSN (Secondary Radius ) .

 

Regards ,

1 Accepted Solution

Accepted Solutions

@Mohammed al Baqariwith respect the command is

 

show aaa-server

also this command can be used show run all aaa-server

please do not forget to rate.

View solution in original post

5 Replies 5

if you on ASA box.

 

 

aaa-server my-radius-group protocol radius
aaa-server my-radius-group host 1.2.3.4
timeout 3
key “password”
authentication-port 1812
accounting-port 1813
please do not forget to rate.

Hi SHeraz ,
Thank you very much for your reply ,
timeout 3 is 3 min ?
this change will effect any thing els also ?

Regards


This is configured in ASA. If you check show aaa severs in ASA you will see
that status of your radius servers (live/dead). The timers are configured
in aaa radius server configuration.

@Mohammed al Baqariwith respect the command is

 

show aaa-server

also this command can be used show run all aaa-server

please do not forget to rate.