cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2410
Views
0
Helpful
7
Replies

Mobility Express Auth issue with ISE & Cloud Radius server

ittechk4u1
Level 4
Level 4

Hello Experts,

 

I am facing an issue with Mobility express AP/WLC.

1st WLAN: 802.1x with ISE as Radius

2nd WLAN: 802.1x with Cloud RADIUS SERVER

 

Switch Port config where AP/WLC is connected:

 

interface GigabitEthernet3/0/43
switchport trunk native vlan 80
switchport trunk allowed vlan 80,92,172
switchport mode trunk

 

Scenaraio:

Once I configure cloud radius on WLC, all my SSIDs (auth with ISE) stop working except one SSID (auth via Cloud radius).

 

If i remove the cloud radius info from WLC and reboot it then all SSID(auth with ISE) works again and ofocurse one SSID(auth with cloud radius) doesnt work.

 

What can be the issue ?

 

 

Thanks in advance

 

7 Replies 7

Did you check from your ME mgt IP, you have the reachability to the cloud radius server on UDP port 1812/1813.

 

It is normal that when you have a single RADIUS server configured on WLC, you do not want to specifically list that under WLAN configuration. So when you remove clout RADIUS, by default all RADIUS requests go to internal ISE and all working.

 

HTH

Rasika

*** Pls rate all useful responses ***

 

 

Thanks Rasika.

 

Cloud RADIUS are using 1866 and 1867 port for authentication & accounting.

 

I am using ISE as RADIUS server on wlan 1 and using cloud RADIUS on 2nd wlan, means total diff wlans but its impacting whole wireless network.

 

What could be the reason ?

 

Thanks again

can anyone help ?

Seems like you didn't setup your radius properly.  If you are using multiple radius servers to authenticate clients, you must also create a radius group or make sure that the radius server is specified on the wlan.  This also means that the global radius settings for network user remains unchecked.  Post some screen shots of your wlan and radius setup so its easy for use to understand how things are configured.

-Scott
*** Please rate helpful posts ***

Thanks Scott.

 

In total i have configured three RADIUS server in Mobility express WLC and each wlan is configured for specific RADIUS server.

 

Please see the screenshot, all radius server:Global_Radius list.png

 

wlan specific RADIUS server:

WLAN_Radius.png

 

 

Thanks in advance

 

@Scott Fella & @rasip  do you have any idea...why its falling ?

Guys, anyone can help me ?

Review Cisco Networking for a $25 gift card