@cappalli wrote:
You would use match rules in your server group to match the domain to the RADIUS server.
Indeed, because if you don't, if the user is not known in the first server it will send a reject and after a reject it stops.
The server fal through option is only valid when the first server is not reachable, then it will try to reach the following.
EDIT: oops I meant fall through, fail through should do the trick
but following Aruba's recommendation
user guide 6.3 page 218 says:
"Aruba recommends that you use server selection based on domain matching whenever possible"