Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
428
Views
3
Helpful
2
Replies

Cisco Spaces OpenRoaming / WLC AAA Config

rretanag099
Level 1
Level 1

‎07-30-2024 02:18 PM

Hi,

 ¿ Does anyone knows why Cisco Spaces Openroaming configuration on WLC creates an AAA method for exec authz?

The authentication method is used for dot1x , and the identity accounting goes to the wireless profile policy, but I´m trying hard to figure it out why the configuration generated for IOS-XE needs the exec method.

Configuration lines created by Openroaming profile on Spaces:

aaa authentication dot1x OpenRoaming_AUTH group OpenRoaming_GRP
aaa authorization exec Openroaming_AUTHZ group OpenRoaming_GRP
aaa accounting identity OpenRoaming_ACCT start-stop group OpenRoaming_GRP

wireless profile policy OpenRoaming_PP
accounting-list OpenRoaming_ACCT

wlan OpenRoaming 20 OpenRoaming
security dot1x authentication-list OpenRoaming_AUTH

 

 

 

 

 

0 Helpful
2 Replies 2

Haydn Andrews
VIP
VIP

‎07-30-2024 09:00 PM - edited ‎07-30-2024 09:01 PM

Not 100%, my Openroaming is working fine without it, however DNAC provisioned AAA for it does aaa authorization network command.

Openroaming from an AAA side is basically just EAP-TLS where the connectors are the RADIUS server and the Authz rule is generally not required for that setup

 

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***

Haydn Andrews
VIP
VIP

‎07-31-2024 08:30 PM

Add this I have asked the Spaces BU and they havent provided an answer as to the reason either

*****Help out other by using the rating system and marking answered questions as "Answered"*****
*** Please rate helpful posts ***
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card