Restrictions for Configuring RadSec
The following restrictions apply to the RadSec feature:
-
A RADIUS client uses an ephemeral port as the source port. This source port should not be used for UDP, Datagram Transport Layer Security (DTLS), and Transport Layer Security (TLS) at the same time.
-
Although there is no configuration restriction, we recommend that you use the same type, either only TLS or only DTLS, for a server under an AAA server group.
-
RadSec is not supported on the DTLS port range 1 to 1024.
DTLS ports must be configured to work with the Radius server.
-
RadSec is not supported with high availability.