We have two RADIUS
server for SecureID token auth for VPN and i have configure 10.1.1.1
(primary) but don't know how to configure 10.1.1.2
(backup radius)
This is what i have currently
aaa-server SecureID protocol radius
aaa-server SecureID (inside) host 10.1.1.1
key *****
authentication-port 1812
accounting-port 1813
...
...
tunnel-group ANYCONNECT-PROFILE type remote-access
tunnel-group ANYCONNECT-PROFILE general-attributes
address-pool ANYCONNECT-POOL
authentication-server-group SecureID
default-group-policy GroupPolicy_ANYCONNECT-PROFILE
Best Answer
You can add the second server to the "SecureID" Server Group as well:
Because both AAA Server in the same Server Group (server_tag) there automaticly used for the tunnel-group.
See this example from the Cisco CLI Guide: https://www.cisco.com/c/en/us/td/docs/security/asa/asa90/configuration/guide/asa_90_cli_config/aaa_servers.html#27362