Table of Contents
Advertisement
When both the primary and secondary servers are available, the device sends request packets to the
primary server.
Once the primary server fails, the primary server turns into the state of block, and the device turns to the
secondary server. In this case:
If the secondary server is available, the device triggers the primary server quiet timer. After the
quiet timer times out, the status of the primary server is active again and the status of the
secondary server remains the same.
If the secondary server fails, the device restores the status of the primary server to active
immediately.
If the primary server has resumed, the device turns to use the primary server and stops communicating
with the secondary server. After accounting starts, the communication between the client and the
secondary server remains unchanged.
Follow these steps to set the status of RADIUS servers:
To do...
Enter system view
Create a RADIUS scheme and
enter RADIUS scheme view
Set the status of the primary
RADIUS
authentication/authorization server
Set the status of the primary
RADIUS accounting server
Set the status of the secondary
RADIUS
authentication/authorization server
Set the status of the secondary
RADIUS accounting server
If both the primary server and the secondary server are in the blocked state, it is necessary to
manually turn the secondary server to the active state so that the secondary server can perform
authentication. If the secondary server is still in the blocked state, the primary/secondary
switchover cannot take place.
If one server is in the active state while the other is blocked, the primary/secondary switchover will
not take place even if the active server is not reachable.
The server status set by the state command cannot be saved in the configuration file and will be
restored to active every time the server restarts.
Configuring Attributes Related to Data to Be Sent to the RADIUS Server
Follow these steps to configure the attributes related to data to be sent to the RADIUS server:
Use the command...
system-view
radius scheme
radius-scheme-name
state primary authentication
{ active | block }
state primary accounting { active |
block }
state secondary authentication
{ active | block }
state secondary accounting
{ active | block }
1-26
Remarks
—
Required
Not defined by default
Optional
active for every server
configured with IP
address in the
RADIUS scheme
Advertisement
Chapters
Table of Contents
Troubleshooting
