EAP-TLS and PEAP redundancy options

John Paul JDPAUL at GoColumbiaMO.com
Tue Dec 4 22:12:07 CET 2007

>>> On 12/4/2007 at 10:01 AM, in message
<fVJXevUg.1196784061.7601270.tnt at kalik.co.yu>, <tnt at kalik.co.yu> wrote:
> Debug the switch. It's quite likely that it isn't marking the radius
> server that is down as dead but it tries it again when it recieves the
> challenge.

Bingo, we have a winner. The switch was attempting to contact the downed server after the failover server had sent an access challenge back to the client. I'm not sure why this made it fail but it did. If I set the switch's radius server deadtime this seems to have fixed the issue.

Thanks for everyone's help.

More information about the Freeradius-Users mailing list