Most devices will not switch over to the second RADIUS server if the first is replying in some fashion. No response from a RADIUS server will trigger the dead server detection and eventually set the other RADIUS server as active.
------------------------------
Carson Hulcher, ACEX#110
------------------------------
Original Message:
Sent: Apr 30, 2024 07:16 PM
From: Usaia Tawakevou
Subject: Port Based 802.1x NAC with two RADIUS Server
Got the above working well with Aruba and some HP procurve that we have. Add in another NPS server with the same policy etc. There was some network policy that we enable on our 1st NPS server to fix another issue however it somehow affected authentication on the NPS, and users weren't able to authenticate via NPS even though the 2nd NPS server is setup on the switches and is up and running.
I believe there must have been additional settings that I need to do so that authentication request failover to the 2nd NPS server when request to the 1st NPS server never respond or fail authenticating request on those switch ports. Switches still see my 1st RADIUS server and still send request to it since its still reachable is my thought. So, we shutdown to restore the 1st NPS server and authentication went through because it goes through the 2nd NPS server.
Any help or guidance and related documents and examples will be really appreciated.