05-07-2019 07:19 AM - edited 07-05-2021 10:20 AM
We had several radius servers over the years and currently we have two left with radius server index of 5 and 8. We did cleanup work and removed both but added them back as radius server index 1 and 2 and authentication broke after mapping it back to wlans again. We restored backup config and it works. Why would changing the radius index break connection?
05-07-2019 07:31 AM
Hi Nana,
Ideal it shouldn't cause the issue. May be the key mismatch or CoA if you configured its enabled.
Also are you getting the hits on the Radius server when the client tries to connect?
05-07-2019 08:12 AM
Yes we enabled CoA, and that is how it was prior. If we disable it, we cannot get external forescout to do CoA. What do you suggest?
05-07-2019 08:49 AM
Remove and reconfigure the Radius servers as index 1 and 2. Make sure that apart from index configuration everything is proper on the WLAN and radius server. Its seems some configuration mis matching. Post performing this changes mainly you have to check on the radius server if you are getting hits.
05-07-2019 03:39 PM
Technically this shouldn't break it.
Have you confirmed that everything has been copped across correctly and the mappings were correct?
Did you try the test radius command from the WLC CLI?
To confirm that he RADIUS was configured correctly.
Was the WLC actually passing RADIUS auth/acct to the RADIUS server that you could see in the RADIUS logs. The RADIUS logs are normally the best place to find issues as to why it didnt work, it could be something silly like the shared secret was fat fingered.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide