>I suppose you could configure your NAS equipment with both a primary and a >secondary Radius server, and use different secrets on the two servers. I'm not >sure that the resulting potential confusion would be worth it though. The dual keys would only be in action for a few days, perhaps a week while all routers are changed over to the new radius key. The cisco routers only allow a Global radius server/key configuration, unless you upgrade to the (fairly new) IOS 12.0 or 12.1 where you can use Radius Groups. As far as I understand, the radius packets are MD5 encrypted with the Radius key? If this is true, then you could decrypt the packet, and if it comes out garbage then try the second Radius key. Regards, Robert Moss. === Archive at http://www.starport.net/~radiator/ Announcements on [EMAIL PROTECTED] To unsubscribe, email '[EMAIL PROTECTED]' with 'unsubscribe radiator' in the body of the message.
