Agree with Patoberli......as

GRANT3779 · ‎07-18-2017

I have an SSID setup for MAC Filtering.

Under Security tab of my WLAN, then AAA Servers - Is there a way I can load balance between my Server 1 and Server 2? I have two ISE Servers but it seems the SSID will always default to the first and only try second in the event of a failure of server 1.

I know I could use a load balancer to potentially get round this, but is there an option on the WLC itself or SSID level to be able to load balance between Radius servers?

My concern is that for my Guest SSID - All authentication traffic will be going to one ISE Server only.

patoberli · ‎07-18-2017

I'm fairly sure this isn't possible and also shouldn't be needed (one Radius needs to be able to serve the full load, otherwise you've got an outage if one Radius fails and the other criples from the load).

Also make sure to have read this:

http://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/118703-technote-wlc-00.html

Sandeep Choudhary · ‎07-18-2017

Agree with Patoberli......as per my knowledge its not possible on WLC.

config radius fallback-test mode {off | passive | active}

OFF: when First radius server shows dead , WLC moves to the second. And will only change again when the second is dead too.

PASSIVE : whent First radius is dead, WLC moves to the second. If there is a new authentication coming in, it will try the First radius server again

ACTIVE: WLC constantly sends radius probes to detect when primary is back up.

Regards

Dont forget to rate helpful posts

SSID - Radius Server Load Balancing