Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
20949
Views
0
Helpful
31
Replies

Radius : fail / fallback - overview ?

Thomas Obbekaer Thomsen
Level 10
Level 10

‎02-08-2023 07:39 AM

I seem to have a little radius trouble.

I have two radius servers on a iPSK with radius SSID.

Everything has worked just fine.

But then things (hence this post) started , ehh , not working fine.

A bit of investigation (packet captures) shows that the AP sends Access-Request to the radius server, as expected, then nothing happens (aka no response) and the AP sends the request again (duplicate packet).

Apparently this continues, even though there are two radius servers configured on the SSID.

Why does it not switch to the secondary radius server ?

At the same time, I have another SSID running standard dot1x, nothing fancy, using the same radius servers in the same priority order. This seems to utilize radius 2 and , is my guess, switched over at some point.

Do anyone know where I can see that radius servers switched over in the eventlog ? (I cant seem to find such an option). - And is there a warning anywhere that tells me: "Oh look, your primary radius server has stopped responding " - Im guessing there is not 🙂

Labels:
0 Helpful
31 Replies 31

Philip D'Ath
Meraki Community All-Star
Meraki Community All-Star

‎02-08-2023 10:47 AM

I haven't used that specific mode - but does it have the option to do RADIUS testing (other options for using RADIUS have this)?

0 Helpful

Thomas Obbekaer Thomsen
Level 10
Level 10
In response to Philip D'Ath

‎02-08-2023 12:11 PM

There does not seem to be any "testing" switches. So I cant tell when a radius server is marked as dead, or when it is marked as up again. And I cant see it anywhere in logs, or other UI.

This is clearly an oversight.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card