Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Jesse
Contributor
Jump to solution

RADIUS Authentication on a Secondary MDS/Provider1

I have an R80.10 Multi-Domain Security Mgmt Server (MDS, aka Provider 1) configured with RADIUS authentication for administrator SmartConsole access. This seems to work fine. However, I added a Secondary MDS, with Secondary DMS/CMAs on it. When trying to authenticate to the Secondary MDS, or a Secondary (Active) DMS/CMA, the RADIUS authentication isn’t working. Doing a tcpdump on both the primary and secondary MDS shows no RADIUS requests being sent at the time of the authentication attempt. Is RADIUS authentication supported/supposed to work on a Secondary MDS and/or a Secondary DMS? I can’t find anything in the documentation regarding this.

1 Solution

Accepted Solutions
Nick_Bauman
Explorer

I experienced the same behavior when adding a Secondary MDS. I opened a support case on it. Support was able to replicate it only after a fresh install or upgrade of a Secondary MDS.

Performing a mdsstop/mdsstart on the secondary MDS resolved the issue for us.

View solution in original post

3 Replies
Kaspars_Zibarts
Employee Employee
Employee

It's working for us with MDS as it's HA box. The only note I can think of - make sure your Radius object is created as global. And that the secondary MDS IP is permitted in Radius server itself if course Smiley Happy

Nick_Bauman
Explorer

I experienced the same behavior when adding a Secondary MDS. I opened a support case on it. Support was able to replicate it only after a fresh install or upgrade of a Secondary MDS.

Performing a mdsstop/mdsstart on the secondary MDS resolved the issue for us.

Jesse
Contributor

Nick,

mdsstop/mdsstart seems to have given it the kick it needed. I'm able to authenticate via RADIUS from the Secondary MDS and DMSs now. Much appreciated!

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events