cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Announcements
Choose one of the topics below to view our ISE Resources to help you on your journey with ISE

This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC! We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.

443
Views
5
Helpful
2
Replies
Highlighted
Beginner

WCL using single IP address as a Radius client - How To?

How can we set a WLC, configured with multiple WLANs, to use a single same IP address when authenticating 1X clients, regardless of which WLAN the request is coming from?

 

As a parallel, in the Wired world, on a Catalyst switch we can type the command:  "ip radius source-interface vlan 5"  This way, regardless from which VLAN the user traffic is arriving from, if the switch needs to talk to ISE (radius server), the switch also uses its IP address from vlan 5.  

 

So, is there a way for the WLC to use always the same IP address when connecting Radius?  I can't seem to find how:  I have played with "Network User" and "Management" setting under Security > AAA > Radius > Authentication, but to no avail.

 

Thanks

2 ACCEPTED SOLUTIONS

Accepted Solutions
Highlighted
VIP Engager

So, is there a way for the WLC to use always the same IP address when connecting Radius?
-Yes. If you wish to source each vlan interface respectively you would enable 'radius server overwrite interface' which is under: WLAN id->Security tab->AAA servers.  If not, disable this & it should work via mgmt ip.  HTH!

View solution in original post

Highlighted

It works! Thank you Mike.

View solution in original post

2 REPLIES 2
Highlighted
VIP Engager

So, is there a way for the WLC to use always the same IP address when connecting Radius?
-Yes. If you wish to source each vlan interface respectively you would enable 'radius server overwrite interface' which is under: WLAN id->Security tab->AAA servers.  If not, disable this & it should work via mgmt ip.  HTH!

View solution in original post

Highlighted

It works! Thank you Mike.

View solution in original post