Answered by:
how to make two radius server , one is for backup server ?

Question
-
how to make two radius server cluster?, one is for backup server ? one active and one backup?
can it load balancing ? if so, how?
how to set configuration of cisco network device to use two radius server
conf t
aaa new-model
!
aaa group server radius IAS
server 192.168.1.1 auth-port 1812 acct-port 1813
!
aaa authentication login userAuthentication local group IAS
aaa authorization exec userAuthorization local group IAS if-authenticated
aaa authorization network userAuthorization local group IAS
aaa accounting exec default start-stop group IAS
aaa accounting system default start-stop group IAS
!
radius-server host 192.168.1.1 auth-port 1645 acct-port 1646 key noc456noc
radius-server host 192.168.1.1 auth-port 1812 acct-port 1813 key noc456noc
!
privilege exec level 1 show config
!
ip radius source-interface Fa0/23
!
line vty 0 4
authorization exec userAuthorization
login authentication userAuthentication
transport input telnet
!
line vty 5 15
authorization exec userAuthorization
login authentication userAuthentication
transport input telnet
end
computing nightmare
- Edited by Map to new space Monday, May 4, 2015 8:46 AM
Monday, May 4, 2015 7:07 AM
Answers
-
>i add second raidus server in remote Radius server group ,yes correct
>need to add first raidus server ....yes
>need to copy to second... you need to configure each raidus server on server group
Check this article about the subject;(Also explan load balacing and Proxy)
- Proposed as answer by Eve WangMicrosoft contingent staff Thursday, May 21, 2015 8:13 AM
- Marked as answer by Eve WangMicrosoft contingent staff Monday, May 25, 2015 9:27 AM
Monday, May 4, 2015 10:58 AM -
Hi,
To provide fault tolerance for RADIUS-based authentication and accounting, use at least two NPS servers. One NPS server is used as the primary RADIUS server and the other is used as a backup. Each RADIUS client is then configured on both NPS servers. If the primary NPS server becomes unavailable, RADIUS clients then send Access-Request messages to the alternate NPS server.
If RADIUS client can be configured with only one RADIUS server, then, use RADIUS proxy to forward request to other RADIUS servers.
More information about RADIUS and RAIDUS proxy, just for your reference:
Components of a RADIUS Infrastructure
https://technet.microsoft.com/en-us/library/dd197429(v=ws.10).aspxPlanning NPS as a RADIUS proxy
https://technet.microsoft.com/en-us/library/dd197525%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396Best Regards,
Eve WangPlease remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.
- Proposed as answer by Eve WangMicrosoft contingent staff Thursday, May 21, 2015 8:12 AM
- Marked as answer by Eve WangMicrosoft contingent staff Monday, May 25, 2015 9:27 AM
Tuesday, May 5, 2015 7:51 AM
All replies
-
Hi
at the Begining,NPS(Radius) could not run in a server cluster.
You could configure 2 different nps server for different specs;
check this detailed article;
Monday, May 4, 2015 8:57 AM -
it mentioned to use multiple radius server need to use radius proxy
i add second radius server in remote radius server group, is it correct configuration
do i need to add first radius server in radius server group?
do i need to need to copy configuration to second NPS to configure again?
computing nightmare
Monday, May 4, 2015 10:43 AM -
>i add second raidus server in remote Radius server group ,yes correct
>need to add first raidus server ....yes
>need to copy to second... you need to configure each raidus server on server group
Check this article about the subject;(Also explan load balacing and Proxy)
- Proposed as answer by Eve WangMicrosoft contingent staff Thursday, May 21, 2015 8:13 AM
- Marked as answer by Eve WangMicrosoft contingent staff Monday, May 25, 2015 9:27 AM
Monday, May 4, 2015 10:58 AM -
Hi,
To provide fault tolerance for RADIUS-based authentication and accounting, use at least two NPS servers. One NPS server is used as the primary RADIUS server and the other is used as a backup. Each RADIUS client is then configured on both NPS servers. If the primary NPS server becomes unavailable, RADIUS clients then send Access-Request messages to the alternate NPS server.
If RADIUS client can be configured with only one RADIUS server, then, use RADIUS proxy to forward request to other RADIUS servers.
More information about RADIUS and RAIDUS proxy, just for your reference:
Components of a RADIUS Infrastructure
https://technet.microsoft.com/en-us/library/dd197429(v=ws.10).aspxPlanning NPS as a RADIUS proxy
https://technet.microsoft.com/en-us/library/dd197525%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396Best Regards,
Eve WangPlease remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact tnmff@microsoft.com.
- Proposed as answer by Eve WangMicrosoft contingent staff Thursday, May 21, 2015 8:12 AM
- Marked as answer by Eve WangMicrosoft contingent staff Monday, May 25, 2015 9:27 AM
Tuesday, May 5, 2015 7:51 AM