Radius Server load balancing

I'm trying to set up my switches to authenticate to 4 different radius servers. I have two of them added and entered into the config, but it looks like it is only sending authentication requests to the first one listed. I'm guessing the standard config uses the primary unless it is marked dead. Is this true? Is there a way to force it to load balance the requests evenly?

 

sho run | i radius
aaa authentication dot1x default group radius
aaa authorization network default group radius if-authenticated
ip radius source-interface VlanX
radius-server host x.x.x.x auth-port 1812 acct-port 1813 key 7
radius-server host x.x.x.x auth-port 1812 acct-port 1813 key 7
radius-server deadtime 1

1 Reply 1

Marvin Rhoads
Hall of Fame

Without using a load balancer in front of the RADIUS servers, the only way is to put one server first for some network access devices (NADs) and another server first for others.

As long as the first one in the list is marked up, the NAD will use it.

A few devices (e.g., Meraki) do allow you to specify round-robin RADIUS selection. Reference.

A true load balancer (or "application delivery controller") allows much more intelligent server selection - using least connections, server weighting, etc. in the selection process.
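The per-NAD ordering described in the reply above, as an added example that is not part of the original thread: it rotates the server list so each switch has a different first choice, prints `radius-server host` lines in the form used in the question, and models "first listed server that is not marked dead" to show where requests land when one server fails. The addresses, switch names, key placeholder and function names are constructed for illustration, and load is counted per NAD on the assumption that every switch sends a similar volume of requests.

```python
from collections import Counter

# Constructed sample data: documentation-range addresses and made-up switch names.
SERVERS = ["192.0.2.11", "192.0.2.12", "192.0.2.13", "192.0.2.14"]
NADS = [f"sw{n:02d}" for n in range(1, 9)]


def server_order(nad_index, servers=SERVERS):
    """Rotate the server list so each NAD gets a different first choice."""
    shift = nad_index % len(servers)
    return servers[shift:] + servers[:shift]


def render_config(order, key_placeholder="<ENCRYPTED-KEY>"):
    """Emit radius-server host lines in the form used in the question.

    The key is a placeholder; the thread does not show the real value.
    """
    return [
        f"radius-server host {ip} auth-port 1812 acct-port 1813 key 7 {key_placeholder}"
        for ip in order
    ]


def selected_server(order, dead=frozenset()):
    """Simplified model of the reply: use the first listed server not marked dead."""
    for ip in order:
        if ip not in dead:
            return ip
    return None  # every configured server is marked dead


def load_per_server(nads=NADS, dead=frozenset()):
    """Count how many NADs end up sending requests to each server."""
    return Counter(selected_server(server_order(i), dead) for i, _ in enumerate(nads))


if __name__ == "__main__":
    for i, nad in enumerate(NADS[:2]):
        print(f"! {nad}")
        print("\n".join(render_config(server_order(i))))
    print("all servers up: ", dict(load_per_server()))
    print("192.0.2.11 dead:", dict(load_per_server(dead={"192.0.2.11"})))
```

With a plain rotation, every NAD that prefers the failed server falls back to the same second choice, so that server carries double the load until the first one is marked up again.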