09-09-2015 03:56 AM - edited 07-05-2021 03:53 AM
Hi!
My main issue:
I want to be able to get the accounting radius info to several firewalls from the same SSID.
As of now we have one 5508 (sw 7.6.130.0) controller that has APs on 5 physical locations where 4 of the locations are connected with site to site vpn. All aps are setup as flexconnect.
All locations have one SSID with radius login where we're using NPS servers. I do have a NPS at every location but now its the NPS at the main location that is doing all the auth.
Since I'm unable to make more than two SSID with the same name (with different radius and accounting server), I'm struggling to get the accounting to all the firewalls. (error message: WLAN with duplicate SSID and L2 security policy found)
Is it possible to do local radius auth direct from the AP in Flex to the local NPS and thus let the local NPS return the accounting to the local firewall?
I've earlier got the local auth to work as backup auth when the controller is offline, but can't get it to work with radius integrated with NPS and AD and not the local users then one can add on the controller.
Thanks!
09-09-2015 04:49 AM
09-09-2015 06:58 AM
To build on matthew's response..
1) Select FlexConnect local auth under the WLAN setting for that single SSID
2) Put each site's APs into a FlexConnect Group
3) Edit each group to put in the local RADIUS/NPS Server to auth against
Ric
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide