It is not possible to add an alternate RADIUS Server to an existing Realm via the CLI. The command output is "ok" but the server cannot be seen when using the "view" command nor by viewing the realm through the Management Console.
The command that fails to enter a new RADIUS alternate server is as follows:
alternate-server secret s3cr3t 22.214.171.124 1812
It is not possible to change both the secret and the host port of the alternate server at the same time.
The changes to host:port must be separate from the change in the RADIUS secret. This can be done by following these steps:
Via the Management Console:
• Navigate to "Management Console > Configuration > Authentication > RADIUS > Radius Servers > Change Secret under the Alternate Server section > [Enter the Secret twice]"
• Type in the IP and port number of the server under the Alternate Server section > Apply
Via the Command Line Interface (CLI):
• Enter the following commands:
enable configure terminal security radius edit-realm realmname alternate-server secret s3cr3t alternate-server 126.96.36.199 1812 view
Note: The "view" output should now contain the alternate server we've just added.