Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
883
Views
0
Helpful
6
Replies

Customer Radius

elilimor3005
Level 1
Level 1

‎02-06-2013 05:42 AM - edited ‎07-03-2021 11:29 PM

Hi Guys,

I have a quick question:

We use a Flex7500 with local switching and centeral authentication.

My question is can i use the Customer's radius server in order to authenticate? or should my WLC have IP conncetivity to any radius server im adding?

I guess what i'm really asking is should my WLC know the radius server or does the request can go back to the AP and from there to customer radius on his subnet?

Thanks,

Eli                  

Labels:
0 Helpful
6 Replies 6

George Stefanick
VIP Alumni
VIP Alumni

‎02-06-2013 06:06 AM

Your wlc needs communicate with the radius server ..

Sent from Cisco Technical Support iPhone App

"Satisfaction does not come from knowing the solution, it comes from knowing why." - Rosalind Franklin
___________________________________________________________
0 Helpful

David Watkins
Level 4
Level 4

‎02-06-2013 06:58 AM

It depends on if you're configured to perform "local auth" or not.  If you are, you still need to "add" the RADIUS server/secret to the WLC as this will let you apply to the desired FlexConnect group for Local Auth, but on RADIUS you will just need to add the AP as a RADIUS client because Local Auth will make your AP the authenticator in this scenario.  You will only need to add the WLC as a RADIUS client "if" the WLC will be performing authentications centrally.

0 Helpful

elilimor3005
Level 1
Level 1

‎02-12-2013 06:29 AM

Hi guy's

Sorry for the late reply, i was busy with other issues.

Let's assume i'm doing a local authentication module. do i need to just add the radius under Security -> Radius and assign it to the costumer wlan?

How do i configure that?

Thanks in advance

Eli

0 Helpful

David Watkins
Level 4
Level 4
In response to elilimor3005

‎02-12-2013 07:00 AM

If you're performing Local Auth; that's one of the steps.  You will need to add the RADIUS server in your WLC SECURITY > AAA > Radius > Authentication section.  (This makes it available to your WLC but also selectable from a FlexConnect group configuration)

You will then need to create a FlexConnect Group where-by you specify that RADIUS server as your primary backup server.  You can then add the FlexConnect APs to this group that you want to hit this RADIUS server.

Lastly, make sure you add the "AP" to your RADIUS server as the NAS/RADIUS Client because the AP will be talking to RADIUS, not the WLC in this case.  You can also have WLC hit this if you desire, but any APs performing local Auth will also need to be added to RADIUS.

0 Helpful

David Watkins
Level 4
Level 4
In response to David Watkins

‎02-12-2013 07:07 AM

And of course make sure your WLAN is configured for Local Auth as well in the Advanced tab

0 Helpful

elilimor3005
Level 1
Level 1

‎02-12-2013 11:19 PM

Thanks for the answers guys.

As i understand i should configure the RADIUS under SECURITY > AAA > Radius > Authentication and then go the WLAN > Security > AAA Server and mark my server.

Should i do that or through the FlexConnect Group like David suggested or both?

I'm now facing a problem where i can see my AP getting the AAA requestes but it doesn't relay them to my local RADIUS.

By the way what username and password should i enter in my PC when asked for? everything i enter i get 'authentication failed' on the AP.

Thanks

Eli

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card