Junos
Junos

RADIUS Authentication question

‎02-04-2019 02:36 AM

Hi there,

 

So I would like some advice how to deal with the situation where the RADIUS server doesn't respond. I would like root-login to be enabled then.

But I'm abit concerned that we might run into a situation where we might end up beeing locked out.

 

I have set authentication-order to radius password.

1 REPLY 1
Junos

Re: RADIUS Authentication question

‎02-04-2019 02:45 AM

Hi,

 

If the user access-request from (MX in the example) towards  AAA/Radius Server "times out", it would check for locally configured user login details called in the access-profile if your configured authentication-order [radius password].

 

Generally, admins don't rely on one AAA server, they would atleast two radius server configured so that, if one /primary radius server is consider down, the request goes to other/secondary radius server. (you have two modes, round-robin, or the default, direct)

 

 

/Karan Dhanak
# Please mark my solution as accepted if it helped, Kudos are appreciated as well.