cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1020
Views
0
Helpful
4
Replies

Radius Fallback Option Cisco WLC 2504

Rahul Wankhade
Level 1
Level 1

Hi,

I have cisco WLC 2504 I configure two windows Radius server on that wlc. Both Radius server working fine, But when primary radius server down. Secondary not comes up. Please help me out when my primary radius server goes down how automatically secondary comes up. Fallback mode passive, Active & off  which one should I select  it;s ask username what is the meaning of username. Where I get this username. 

 

 

Regards,

Rahul Wankhade

 

Regards,
Rahul Wankhade
4 Replies 4

kcnajaf
Level 7
Level 7

Hi Rahul,

I hope below link clearly explains your answer.

http://www.cisco.com/c/en/us/support/docs/wireless/4400-series-wireless-lan-controllers/106258-radius-fbkftr-wlc-config.html

To summaries

There are three modes to fall back:

Off - no fallback

Passive - WLC sends the credentials to the 'dead' server when a user tries to authenticate

On - You configure a username and an time interval.  WLC sends the credentials to the 'dead' server at configured interval.

The password is not really checked here and all WLC is checking is whether it is getting any response back.  So getting a reject back from the server would bring it back 'alive' in the AAA list.

Hope that helps.

Regards

Najaf

Dear Najaf,

 

Thanks for your mail, But I am not understand username can I use anything in the wlc. Which one fallback 

option recommended. 

Regards,
Rahul Wankhade

Hi Rahul,

My recommendation would be active.

When you enable active fallback you get an option to specify a username. You can enter your own username or leave it with the default. The default username is “cisco-probe”. Because this username is used to send probe messages, you do not need to configure any password.

Hope that helps.

Regards

Najaf

Please rate when applicable or helpful !!!

Abhishek Abhishek
Cisco Employee
Cisco Employee

 

a. Choose Security > AAA > RADIUS > Fallback to open the RADIUS > Fallback Parameters to open the fallback parameters page.

 

b. From the Fallback Mode drop-down list, choose one of the following options:

Off—Disables RADIUS server fallback. This is the default value.

Passive—Causes the controller to revert to a server with a lower priority from the available backup servers without using extraneous probe messages. The controller ignores all inactive servers for a time period and retries later when a RADIUS message needs to be sent.

Active—Causes the controller to revert to a server with a lower priority from the available backup servers by using RADIUS probe messages to proactively determine whether a server that has been marked inactive is back online. The controller ignores all inactive servers for all active RADIUS requests. Once the primary server receives a response from the recovered ACS server, the active fallback RADIUS server no longer sends probe messages to the server requesting the active probe authentication.

Review Cisco Networking for a $25 gift card