Radius over IPsec

momo33 · ‎08-31-2018

Hello,

I'm trying to set RADIUS over IPsec between a WLC 5520 and Windows Server 2016.

The RADIUS part works fine on it's own. My problem is I can't make the IPsec protion work at all.

I have found an old guide but it seems that too many things have changed in 15 years.

Am I still supposed to use the options in NPS or could I use the "Connection Security Rules" in Windows Firewall to set the IPsec settings on the server?

Thank you

Flavio Miranda · ‎08-31-2018

Hi

Basic questions but necessary: any problem with routing? Are you using ACL on the VPN? If so, they are permitting RADIUS port?

You can validade both of it using the command "test" on the WLC side. It simulates a RADIUS request.

-If I helped you somehow, please, rate it as useful.-

momo33 · ‎08-31-2018

Hi Flavio,

Thank you for your response. There are no routing done between the 2 devices and no ACLs being used.

I have tested the RADIUS part and that works fine.

Flavio Miranda · ‎08-31-2018

What is not clear to me is if the radius request from the WLC is actually getting on your radius server

-If I helped you somehow, please, rate it as useful.-

momo33 · ‎09-01-2018

It is. I was able to authenticate to the WLAN with a certificate from a client. I could see the radius request and radius accept.

momo33 · ‎09-04-2018

Anyone?