Can I define a RADIUS server with a FQDN instead of an IP address?

by on ‎07-07-2014 01:08 PM

Question:  Can I define a RADIUS server with a FQDN instead of an IP address?

 

Product and Software: This article applies to the Aruba 3000 Series, the 600 Series, and the M3 controllers, and ArubaOS 6.0 and later.

The "aaa authentication-server radius" configuration profile is enhanced so that the "host" knob under this profile now accepts an IP address or an FQDN. If an FQDN is configured, the controller periodically generates a DNS request and caches the IP address that is returned from the DNS response for the respective FQDN. This IP address is used to send all RADIUS transactions for the particular RADIUS server. The default period for the DNS request is 15 minutes, but it is configurable.

To configure an FQDN as the host name of a RADIUS server, give the FQDN in place of the IP address, as shown:

(config) #aaa authentication-server radius <Radius server name> host <FQDN of the server>

(config) #aaa authentication-server radius TEMP host authserver.com

(config) #show aaa authentication-server radius TEMP

RADIUS Server "TEMP"
--------------------
Parameter    Value
---------    -----
Host         authserver.com
Key          ********
Auth Port    1812
Acct Port    1813
Retransmits  3
Timeout      5 sec
NAS ID       N/A
NAS IP       N/A
Use MD5      Disabled
Mode         Enabled

To use the GUI to make the same configuration, navigate to:

Configuration > Security > Authentication > Servers > RADIUS Server > <Server-Name>

To configure the DNS query interval, use the knob shown in the following example. DNS queries are then sent at the configured interval.

(config) #aaa dns-query-interval ?
<1-1440> DNS query interval in minutes (default value is 15)

(config) #aaa dns-query-interval 1

(config) #show aaa dns-query-interval
DNS Query Interval = 1 minute

The FQDN-to-IP mapping is maintained as shown here. If the DNS query fails, the FQDN is mapped to the default IP "127.0.0.1".

(config) #show aaa fqdn-server-names

Auth Server FQDN names
----------------------
FQDN            IP Address    Refcount
----            ----------    --------
authserver.com  10.15.28.100  1
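
Because the controller sends all RADIUS traffic to whatever address the last DNS response returned, it is worth checking this table regularly. The following is an added example, not part of the original article or of ArubaOS: it parses saved "show aaa fqdn-server-names" output and flags entries that fell back to 127.0.0.1 or resolved to an address outside an expected set. The sample output, the extra host names and the EXPECTED allowlist are constructed assumptions.

```python
import ipaddress
import re

# Per the article, a failed DNS query maps the FQDN to this default IP.
FAILED_LOOKUP_IP = ipaddress.ip_address("127.0.0.1")

# Constructed sample of "show aaa fqdn-server-names" output (not a device capture).
SAMPLE_OUTPUT = """\
Auth Server FQDN names
----------------------
FQDN                IP Address    Refcount
----                ----------    --------
authserver.com      10.15.28.100  1
backup.example.net  127.0.0.1     2
guest.example.net   192.0.2.77    1
"""

# Hypothetical allowlist: addresses each RADIUS FQDN is expected to resolve to.
EXPECTED = {
    "authserver.com": {"10.15.28.100"},
    "backup.example.net": {"10.15.28.101"},
    "guest.example.net": {"10.15.28.102"},
}

# A data row is: FQDN, dotted-quad IP, integer refcount. Headers do not match.
ROW = re.compile(r"^(\S+)\s+(\d{1,3}(?:\.\d{1,3}){3})\s+(\d+)\s*$")

def parse_fqdn_table(text):
    """Return (fqdn, ip, refcount) tuples for every valid data row."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(2))
        except ValueError:  # e.g. an octet above 255
            continue
        rows.append((m.group(1).lower(), ip, int(m.group(3))))
    return rows

def audit(text, expected):
    """Flag failed lookups and resolutions outside the expected address set."""
    findings = []
    for fqdn, ip, _refcount in parse_fqdn_table(text):
        if ip == FAILED_LOOKUP_IP:
            findings.append((fqdn, str(ip), "dns-failed"))
        elif str(ip) not in expected.get(fqdn, set()):
            findings.append((fqdn, str(ip), "unexpected-ip"))
    return findings
```

Calling audit(SAMPLE_OUTPUT, EXPECTED) returns one finding per flagged FQDN, which can be fed to whatever alerting is already in place.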
