Forum Discussion

sudarshan_cheru's avatar
Icon for Altostratus rankAltostratus
Oct 15, 2020

f5 pool settings for loadbalancing cisco ISE radius servers

Hi , whats the best choice to choose , service-down-action settings for the cisco ISE radius server loadbalancing.


I have only one server under the pool with current f5 setup as below. UDP default profiile, Default Source address Persistence and no snat allow at pool level.


Just want to know , how better i can tune the setup to avoid Radius High Authentication Latency.


ltm virtual ise-1645-vip {


  ip-protocol udp


  persist {

    source_addr {

      default yes



  pool ise-1645-pool

  profiles {

    udp { }



  translate-address enabled

  translate-port enabled

  vs-index 228





ltm pool ise-1645-pool {

  allow-snat no

  members { {


      priority-group 10

      session monitor-enabled

      state up



  min-active-members 1

  monitor radius-ise

  service-down-action reset



ltm monitor radius radius-ise {

  debug no

  defaults-from radius

  destination *:*

  interval 180

  password "****"

  secret "****"

  time-until-up 0

  timeout 361

  username HealthCheck