Solved: WCL using single IP address as a Radius client - How To?

cpaquet · ‎01-22-2020

How can we set a WLC, configured with multiple WLANs, to use a single same IP address when authenticating 1X clients, regardless of which WLAN the request is coming from?

As a parallel, in the Wired world, on a Catalyst switch we can type the command: "ip radius source-interface vlan 5" This way, regardless from which VLAN the user traffic is arriving from, if the switch needs to talk to ISE (radius server), the switch also uses its IP address from vlan 5.

So, is there a way for the WLC to use always the same IP address when connecting Radius? I can't seem to find how: I have played with "Network User" and "Management" setting under Security > AAA > Radius > Authentication, but to no avail.

Thanks

Mike.Cifelli · ‎01-22-2020

So, is there a way for the WLC to use always the same IP address when connecting Radius?
-Yes. If you wish to source each vlan interface respectively you would enable 'radius server overwrite interface' which is under: WLAN id->Security tab->AAA servers. If not, disable this & it should work via mgmt ip. HTH!

View solution in original post

cpaquet · ‎01-23-2020

It works! Thank you Mike.

View solution in original post

Mike.Cifelli · ‎01-22-2020

So, is there a way for the WLC to use always the same IP address when connecting Radius?
-Yes. If you wish to source each vlan interface respectively you would enable 'radius server overwrite interface' which is under: WLAN id->Security tab->AAA servers. If not, disable this & it should work via mgmt ip. HTH!

cpaquet · ‎01-23-2020

It works! Thank you Mike.