Controller-less WLANs

Dynamic Radius Proxy IP feature on IAP 4.0

Aruba Employee
 
Typically common issue is When radius servers are reachable only on specific VLANs, IAPs uplink or native VLAN cannot be used for Radius authentication.

Solution:
------------
Dynamic Radius Proxy IP feature enhances VC VLAN feature and allows configurable VLAN and Source IP for different authentication servers.

Deployment Scenario:-
--------------------------------


rtaImage.jpg

From Webui:-
---------------

rtaImage.jpg


rtaImage.jpg




rtaImage.jpg

Configuration from CLI:-
-------------------------------

•       Pre-requisite Configurations :
(Instant Access Point)(config)# virtual-controller-ip <IP-address>
(Instant Access Point)(config)# dynamic-radius-proxy 

•       DRP-IP Configurations for auth-server:
(Instant Access Point)(config)# wlan auth-server <server-name>
(Instant Access Point)(Auth Server "server-name")# ip <radius-server>
(Instant Access Point)(Auth Server "server-name")# key <server-password>
(Instant Access Point)(Auth Server "server-name")# drp-ip <IP> <mask> vlan <VLAN> gateway <gateway>

•       Auth-server configuration in Wired and Wireless profiles:
(Instant Access Point)(config)# wlan ssid-profile <ssid-name>
(Instant Access Point)((SSID Profile "ssid-name")# auth-server <server-name>
(Instant Access Point)(config)# wired-port-profile <wired-profile-name>
(Instant Access Point)(wired ap profile wired-profile-name)# auth-server <server-name>

Troubleshooting:-
-----------------------

rtaImage.jpg


 

Version history
Revision #:
1 of 1
Last update:
‎06-29-2014 04:29 PM
Updated by:
 
Labels (1)
Contributors
Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.