02-09-2011 08:00 AM - edited 07-03-2021 07:48 PM
Hello guys, I need some bailout here. I have a WLC 5508 which i have configured for AP's but i would like to use the windows server 2008 as the radius server to authenticate the Active directory users.
Can i use a separate windows server 2008 as the radius server or I have to use the same server working as the Active directory?
I don't want to request unnecessary server from my client.
Rgds,
Anthony
02-10-2011 02:31 PM
Hi Joe,
you have two choices:
if your windows 2008 radius server can integrate with AD for credentials fetching then you can use it as an Authentication Server Radius on the WLC
or you can do local eap on the wlc and then choose the AD as an LDAP directory for credential fetching directly from the wlc. Local EAP is not recommended for large scale deployments. keep that in mind as well.
If you need more help, let us know.
Thanks
Serge
02-10-2011 11:51 PM
Hi Serge,
Thank you for the info.
If i choose option 2 to use local eap on the wlc, is it the option which requires the AD to return requests for username & password in plaintext?
Rgds,
Anthony
02-11-2011 01:17 AM
Hi Anthony,
That is correct. Unless if you use secure LDAP then the credentials are secured inside the tunnel.
Thanks
Serge
04-29-2011 12:02 PM
I am trying to take my WLC 5508 and have backend authentication through LDAP using web auth. i have tried and tried to set this up but it fails everytime.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide