Re: WLC RADIUS Server Failover - Passive mode timer

Nigel Bowden · ‎10-18-2012

In 7.2 WLC code, it appears it is now possible to specify which RADIUS servers are used as the preferred server for authentication (

Security > AAA > RADIUS > Fallback to open the RADIUS > Fallback Parameters ).

There are 3 mode for this: off, passive & active.

In the passive mode, the operation is described in the config guide as :

Passive

—Causes the controller to revert to a server with a lower priority from the available backup servers without using extraneous probe messages. The controller ignores all inactive servers for a time period and retries later when a RADIUS message needs to be sent.

Does anyone know how long this 'time period' is? If it is only a few seconds, then it could be that user authentications are being used to test against a failed RADIUS server frequently & will experience annoying time-out delays, causing support calls etc.

Anyone know what it is, or if its configurable? I don't see anything in the docs...

Nigel.

Saravanan Lakshmanan · ‎10-18-2012

Here you go.

RADIUS Server Fallback Feature on WLC.

http://www.cisco.com/en/US/products/ps6366/products_configuration_example09186a008098987e.shtml#passive

Khurram Noor · ‎02-18-2018

Found this query while searching for the Fallback methods. My WLC is 8.0 and i can see that the time for passive fall back is configurable (default 300sec)

Flavio Miranda · ‎02-19-2018

Hi

Default is 300 seconds.

-If I helped you somehow, please, rate it as useful.-