Controller-less WLANs

Dynamic Radius Proxy IP feature on IAP 4.0

by on ‎06-29-2014 04:29 PM
 
Typically common issue is When radius servers are reachable only on specific VLANs, IAPs uplink or native VLAN cannot be used for Radius authentication.

Solution:
------------
Dynamic Radius Proxy IP feature enhances VC VLAN feature and allows configurable VLAN and Source IP for different authentication servers.

Deployment Scenario:-
--------------------------------


rtaImage.jpg

From Webui:-
---------------

rtaImage.jpg


rtaImage.jpg




rtaImage.jpg

Configuration from CLI:-
-------------------------------

•       Pre-requisite Configurations :
(Instant Access Point)(config)# virtual-controller-ip <IP-address>
(Instant Access Point)(config)# dynamic-radius-proxy 

•       DRP-IP Configurations for auth-server:
(Instant Access Point)(config)# wlan auth-server <server-name>
(Instant Access Point)(Auth Server "server-name")# ip <radius-server>
(Instant Access Point)(Auth Server "server-name")# key <server-password>
(Instant Access Point)(Auth Server "server-name")# drp-ip <IP> <mask> vlan <VLAN> gateway <gateway>

•       Auth-server configuration in Wired and Wireless profiles:
(Instant Access Point)(config)# wlan ssid-profile <ssid-name>
(Instant Access Point)((SSID Profile "ssid-name")# auth-server <server-name>
(Instant Access Point)(config)# wired-port-profile <wired-profile-name>
(Instant Access Point)(wired ap profile wired-profile-name)# auth-server <server-name>

Troubleshooting:-
-----------------------

rtaImage.jpg


 

Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.