04-09-2013 10:52 AM - edited 07-03-2021 11:52 PM
Hi,
I have a 5508 controller running 7.4.100 and have a WLAN where I have radius configured. On my controller the client machine I'm using appears but the radius authentication doesn't appear to be working. Is there anything on the controller I can do to verify that the request is even being sent to my Microsoft IAS server? The log on the server doesn't show any requests from the controller so my early days guess is the controller isn't actually sending it.
04-09-2013 11:49 AM
I would span the port(a) the WLC is connected to and check for the packet there.
Steve
Sent from Cisco Technical Support iPhone App
04-09-2013 12:33 PM
Hi,
I foiund the issue. I am using the management port and the service port on my 5508. The requests to my radius server appear to be coming from the service port, when I setup the radius client to be the management port IP. I would have assume that communication from the service port wouldn't have done requests of this nature. When I changed my radius client config to reflect the IP of the service port instead the authentication works now.
I used the command debug aaa events enable to verify that the request was actually being sent to the radius server at all. nothing in that command told me however that the sending port wasn't the management port, which was confusing and my assumption all along.
04-09-2013 12:37 PM
The service port is for out of band management only.
Steve
Sent from Cisco Technical Support iPhone App
12-05-2022 03:23 AM
Here you can find some advice on the topic:
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: