Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
656
Views
0
Helpful
1
Replies

ISE 1.2 Patch 2 External RADIUS Server Sequence Broken?

Ashley Georgeson
Level 1
Level 1

‎10-11-2013 07:22 AM - edited ‎03-10-2019 08:59 PM

Hi community,

We have upgraded our proof of concept ISE 1.2 lab to Patch level 2.

Our lab design includes the use of external RADIUS servers which we off-load certain authentication rules to.

To ensure resiliency of the external RADIUS service, we have two of these which we add to a RADIUS Server Sequence, the idea being that if the first in the list is unavailable, ISE will try the second and all will be well.

Now this worked for us in testing ISE 1.2, but I have noticed that after the upgrade to Patch 2 ISE is sending the majority RADIUS traffic to the first (failed) external RADIUS server, with only the odd RADIUS Access-Request to thte next in the list.

Anybody else come across this??

All helpful comments rated!

Many thanks, Ash.

Labels:
0 Helpful
1 Reply 1

Jatin Katyal
Cisco Employee
Cisco Employee

‎10-13-2013 03:23 AM

I couldn't find any known issues with this feature. Could you please paste the screen shot of external radius sequence and configuration. Also, how are we determing that the first server in the sequence is DEAD?

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
0 Helpful
Customers Also Viewed These Support Documents