The only radius IP address that the switch needs to talk to is the Management VIP only.
The radius load balancer would do the rest. Thanks, Ludovic Zammit Product Support Engineer Principal Cell: +1.613.670.8432 Akamai Technologies - Inverse 145 Broadway Cambridge, MA 02142 Connect with Us: <https://community.akamai.com/> <http://blogs.akamai.com/> <https://twitter.com/akamai> <http://www.facebook.com/AkamaiTechnologies> <http://www.linkedin.com/company/akamai-technologies> <http://www.youtube.com/user/akamaitechnologies?feature=results_main> > On May 27, 2021, at 5:54 AM, Sonali Gulia <sonaligul...@gmail.com> wrote: > > Thanks for your reply sir . i understand this on radius request = one reply > but there are two scenarios one is when we were using single server first > radius request id got answered and other packet dropped but now in cluster > environment main server proxy request and in that time other request id frame > come and other server reply to all request id just like you said one radius > request = one reply so i understand multiple log generated > So is there any way we can overcome this situation? > > in the second scenario . same switch config same port config but with > different client (pc) results are different .for one single request proceed > and other dropped and with different pc same above scenario happened. We are > using anyconnect for the dot1x prompt because of ldap auth and I checked that > the same profile and settings are used in both systems . I don't understand > where I should control the radius request id .Please help. > > On Tue, May 25, 2021 at 6:42 PM Zammit, Ludovic <luza...@akamai.com > <mailto:luza...@akamai.com>> wrote: > Hello Gulia, > > There is not much you can do, one radius request = one reply. > > If the client try to connect, PF will answers. > > If the fail is legit (On purpose because of many reason) and not because the > client send a bad authentication, you can’t do much. > > Thanks, > > Ludovic Zammit > Product Support Engineer Principal > > Cell: +1.613.670.8432 > Akamai Technologies - Inverse > 145 Broadway > Cambridge, MA 02142 > Connect with Us: <https://community.akamai.com/> > <http://blogs.akamai.com/> > <https://urldefense.com/v3/__https://twitter.com/akamai__;!!GjvTz_vk!AgoAHJFj0Vxt7xMHzsK0DZYSMB9E94h7rBXVCEC2qO7Zzq6_oNEO4LowUCxZqw$> > > <https://urldefense.com/v3/__http://www.facebook.com/AkamaiTechnologies__;!!GjvTz_vk!AgoAHJFj0Vxt7xMHzsK0DZYSMB9E94h7rBXVCEC2qO7Zzq6_oNEO4Lr4Ti3c8Q$> > > <https://urldefense.com/v3/__http://www.linkedin.com/company/akamai-technologies__;!!GjvTz_vk!AgoAHJFj0Vxt7xMHzsK0DZYSMB9E94h7rBXVCEC2qO7Zzq6_oNEO4LpmHIa06w$> > > <https://urldefense.com/v3/__http://www.youtube.com/user/akamaitechnologies?feature=results_main__;!!GjvTz_vk!AgoAHJFj0Vxt7xMHzsK0DZYSMB9E94h7rBXVCEC2qO7Zzq6_oNEO4Lqcxdnvqw$> > >> On May 24, 2021, at 7:25 AM, Sonali Gulia via PacketFence-users >> <packetfence-users@lists.sourceforge.net >> <mailto:packetfence-users@lists.sourceforge.net>> wrote: >> >> hi all, >> >> whenever a user gets rejected due to any reason multiple radius audit log >> generated for single request in cluster.sometimes 10 logs generated >> sometimes 5. while it's working fine on a single server environment. >> we try packet monitoring ,check switch interface reauth timer everything . >> >> please help regarding this if any configuration needs to change or test >> something. kindly help >> _______________________________________________ >> PacketFence-users mailing list >> PacketFence-users@lists.sourceforge.net >> <mailto:PacketFence-users@lists.sourceforge.net> >> https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!DZmu1uMr3QRfs0AaylHngKyUx7-TZGQdW08TmcCSgfQuHY_A_tc8Ij6MYKS4u17m$ >> >> <https://urldefense.com/v3/__https://lists.sourceforge.net/lists/listinfo/packetfence-users__;!!GjvTz_vk!DZmu1uMr3QRfs0AaylHngKyUx7-TZGQdW08TmcCSgfQuHY_A_tc8Ij6MYKS4u17m$> >> >
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
