Radius auth to standby ASA in Active Active Failover

mahesh18 · ‎06-10-2014

Hi Everyone,

When ASA is in Active/standby failover i can ssh to standby ASA using Radius.

But when ASA is in multi context mode Active/Active failover i can not do Radius Auth to standby ASA?

Is this default behaviour?

Regards

MAhesh

Marius Gunnerud · ‎06-11-2014

I would not have thought this is the default behavior...but then again, I have never tested this. If you console into the standby context issue the command show run | in aaa. Which authentication database is indicated?

--

Please remember to select a correct answer and rate helpful posts

--
Please remember to select a correct answer and rate helpful posts

mahesh18 · ‎06-11-2014

Hi Marius,

both ASA active and standby in Active/active failover when i run the command

sh run | inc aaa

have same config with radius as protocol and same radius servers.

Regards

MAhesh

mahesh18 · ‎06-11-2014

Also when i run command sh aaa-server on standby ASA it shows

Server status as Failed,Server disabled at

Regards

MAhesh

Collin Clark · ‎06-11-2014

That is not the default behavior. Make sure you have all the IP's in your AAA server.

mahesh18 · ‎06-11-2014

Hi Collin,

Both ASA have same IP's in their AAA server group.

Regards

MAhesh

Marvin Rhoads · ‎06-11-2014

I think Collin was talking about having the IP addresses for both the Active and Standby ASA (for each context) in your RADIUS server.

mahesh18 · ‎06-11-2014

Will check Entries of IP in radius.

Collin Clark · ‎06-11-2014

That is not the default behavior. Make sure you have all the IP's in your AAA server.

Radius auth to standby ASA in Active Active Failover

ISE - Active Directory Identity Source

Configure ASA Active/Active Failover in Firepower 4100 Series

ASA: Active/Active 冗長機能について

Catalyst 9800 HA SSO 障害時の機器交換(Active機障害)

ASA: 冗長構成(Act/Stby)で Active機とStandby機の再起動方法 (CLI)