Hello everyone,
I have configured two separate RADIUS servers with the same settings and I want to integrate my wireless device to be authenticated against those servers. The reason I have configured two separate RADIUS servers is to have high availability in case the primary server does not respond. However, I have tested the scenario in a testing environment and the results didn't go as expected:
- Firstly, I tried to authenticate using my primary RADIUS server and everything worked well. I saw the messages on the server side as expected. After the first successful attempt I disabled the RADIUS service on the primary server and tried to re-authenticate. The expectation was that after the authentication messages timed out on the first server, the AP would use the second server, but it never happens. Using tcpdump I've noticed the request packets go to the primary but never to the second server.
Has anyone encountered a similar problem using two RADIUS servers for high availability?
Thank you in advance!
P.S.1: I am unable to use the testing method from the dashboard. That method uses MS-CHAP while I am using LDAP in the backend.
P.S.2: Picture of the RADIUS setting attached.
