Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
858
Views
0
Helpful
4
Replies

Radius Server index rearrangement

Nana Banahene
Level 1
Level 1

‎05-07-2019 07:19 AM - edited ‎07-05-2021 10:20 AM

We had several radius servers over the years and currently we have two left with radius server index of 5 and 8. We did cleanup work and removed both but added them back as radius server index 1 and 2 and authentication broke after mapping it back to wlans again. We restored backup config and it works. Why would changing the radius index break connection?

Labels:
0 Helpful
4 Replies 4

Sathiyanarayanan Ravindran
Spotlight
Spotlight

‎05-07-2019 07:31 AM

Hi Nana,

 

Ideal it shouldn't cause the issue. May be the key mismatch or CoA if you configured its enabled.

 

Also are you getting the hits on the Radius server when the client tries to connect?

 

 

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful

Nana Banahene
Level 1
Level 1
In response to Sathiyanarayanan Ravindran

‎05-07-2019 08:12 AM

Yes we enabled CoA, and that is how it was prior. If we disable it, we cannot get external forescout to do CoA. What do you suggest?

0 Helpful

Sathiyanarayanan Ravindran
Spotlight
Spotlight
In response to Nana Banahene

‎05-07-2019 08:49 AM

Remove and reconfigure the Radius servers as index 1 and 2. Make sure that apart from index configuration everything is proper on the WLAN and radius server. Its seems some configuration mis matching. Post performing this changes mainly you have to check on the radius server if you are getting hits. 

Regards,
Sathiyanarayanan Ravindran

Please rate the post and accept as solution, if my response satisfied your question:)
0 Helpful

Haydn Andrews
VIP Alumni
VIP Alumni

‎05-07-2019 03:39 PM

Technically this shouldn't break it.

Have you confirmed that everything has been copped across correctly and the mappings were correct?

 

Did you try the test radius command from the WLC CLI?

https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/212473-verify-radius-server-connectivity-with-t.html

 

To confirm that he RADIUS was configured correctly. 

Was the WLC actually passing RADIUS auth/acct to the RADIUS server that you could see in the RADIUS logs.  The RADIUS logs are normally the best place to find issues as to why it didnt work, it could be something silly like the shared secret was fat fingered.

 

 

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card