12-14-2022 01:29 PM
Really struggling here and managed to lock myself out of my WLC. I have setup the radius device IP and network policy using service type as administrative. NPS works for access my switches and routers so I know its working. I moved radius to the top in the WLC above LOCAL so it will use radius auth. but now nothing works, not even local admin, which means its talking to radius server just not configured right for a policy. Where do I go next.?
12-14-2022 02:06 PM
what model WLC?
In order to get back in with Local auth remove the WLC as a NAD form the RADIUS server and it should fail back to local auth
12-14-2022 08:37 PM
Did you get this taken care of, or are you still needing help.
12-15-2022 08:14 AM
Policies are different because of the GUI. So your conditions you use for a switch and router will only work for ssh on the controller. You need to define a few attributes for AireOS. Take a look at this guide.
Management Access for AireOS WLC through Microsoft NPS - Cisco
12-15-2022 08:45 AM
This did not work.
12-15-2022 09:25 AM - edited 12-15-2022 09:27 AM
I don't have any more recommendations. I've used NPS back in the day's and moved to Cisco ISE for TACACS. Your only option is to search other guides and blogs to see how folks have integrated AireOS WLC's with MS NPS.
Your radius logs will point you to where its failing and then you can search that up. You should have a separate policy for your wired vs your wireless due to the attributes you need for AireOS.
12-15-2022 10:52 AM
Get TAC on the phone.
12-15-2022 11:33 PM
@Scott Fella guide is what needs to be done.
I've both AireOS and C9800 using NPS for admin access using RADIUS and it works fine, so yours might be a problem (the only steps I've not configured in my NPS profile are neither to mark the "NAS Identifier" condition as we are using NPS for all network devices so left that on the default "Use windows Authentication for all users", nor to use the "NAS-Prompt" for read-only access)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide