Re: Hi,

aleopoldie · ‎08-11-2017

Hello,

I'm wondering if it's possible to have :

In the centralized site : the WLC

On the local site : The flexconnect AP's + The AAA server

The goal would be to use 802.1X method for the SSID with local authentication and local switching .

If it's working, where do we have to configure the AAA server ? On the WLC ? or only on the flexconnect group ?

Thank you,

Alexis

Juan Ibañez · ‎08-11-2017

Hi aleopoldie,

i think if you have a local AAA server, you can configure this in the Flexconnect group, and in the SSID config select Local Atuh option in advanced configuration.

aleopoldie · ‎08-16-2017

Hello Juan,

Thank you, that was also my idea.

Is AAA override needed on the WLAN (Advanced tab) ?

Divya · ‎08-17-2017

Hi,

Yes, you need to enable Flex connect Local Switching + Local Authentication on the WLAN -> Advanced settings. On the Flex connect group -> General -> Add AAA server after entering the Server ip, shared secret, primary/secondary, port number.

AAA override is required if you have any return Radius attribute like Vlan/Qos/ACL on each user basis.

Regards,

Divya

aleopoldie · ‎08-25-2017

Hi divp,

So if I understand correctly, we don't have to configure the AAA server on the WLC as we do it on the flexconnect group, right ?

I suppose we need to add the AP's as AAA clients on the AAA server.

Do we need something else ?

AL

Flexconnect Local authentication/Local switching with 802.1X ?