05-27-2014 12:28 AM - edited 07-05-2021 12:54 AM
Hi,
The radius packets are being dropped on my ISE deployment because the NAS IP is being detected as the SSID IP and not the IP of the WLC. I want the IP of the WLC to be the NAS IP because the WLC is what I've configured as the NAD in the ISE itself.
Solved! Go to Solution.
05-27-2014 12:17 PM
Hi,
Can you share your wlan config?
I think "radius server overwrite interface" option is checked.
You can find this option under wlan->security->aaa servers.
If so please uncheck the box and try again.
Regards
05-27-2014 12:39 AM
You should use the NAS IP as Management interface IP of WLC.
Regards
05-27-2014 01:00 AM
I have configured the management interface IP - 192.168.1.1 (from where I access the GUI) as the NAD in ISE.
The SSID interface IP is 192.168.7.1. Obviously, since this isn't configured as a NAD in ISE, the radius packets sourced from this IP are being dropped.
I have another SSID with IP 192.168.5.1, but in this case, the NAS IP mentioned in the ISE logs indicate the WLC Management IP which is perfectly fine and this is what should happen.
05-27-2014 12:17 PM
Hi,
Can you share your wlan config?
I think "radius server overwrite interface" option is checked.
You can find this option under wlan->security->aaa servers.
If so please uncheck the box and try again.
Regards
05-27-2014 12:28 PM
Hi,
Agree with Christos.
When you enable the Radius Server Overwrite Interface option, the WLC will source all radius traffic for a WLAN using the dynamic interface configured on that WLAN.
Remove and try again.
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide