Controller-less WLANs

IAP-Dynamic radius proxy ip configuration and troubleshooting

 

How to configure and troubleshoot Dynamic radius proxy ip configuration on IA

 

Issue:

When radius servers are reachable only on specific VLANs, IAPs uplink or native VLAN cannot be used for Radius authentication.
 
Solution:

Dynamic Radius Proxy IP feature enhances VC VLAN feature and allows configurable VLAN and Source IP for different authentication servers.
 
 
Below Is the configuration with regard to Dynamic Radius Proxy-IP

UI configuration

rtaImage.jpg

rtaImage.jpg
CLI configuration

Pre-requisite Configurations :


(Instant)(config)# virtual-controller-ip <IP-address>
(Instant)(config)# dynamic-radius-proxy  


DRP-IP Configurations for auth-server:
 

(Instant)(config)# wlan auth-server <server-name>
(Instant )(Auth Server "server-name")# ip <radius-server>
(Instant )(Auth Server "server-name")# key <server-password>
(Instant )(Auth Server "server-name")# drp-ip <IP> <mask> vlan <VLAN> gateway <gateway>


Auth-server configuration in Wired and Wireless profiles:
 

(Instant )(config)# wlan ssid-profile <ssid-name>
(Instant )((SSID Profile "ssid-name")# auth-server <server-name>

(Instant )(config)# wired-port-profile <wired-profile-name>
(Instant )(wired ap profile wired-profile-name)# auth
-server <server-name>

Troubleshooting

Show datapath sbr


rtaImage.jpg

From Packet capture:

rtaImage.jpg


Version history
Revision #:
1 of 1
Last update:
‎06-27-2014 06:43 AM
Updated by:
 
Labels (1)
Contributors
Search Airheads
Showing results for 
Search instead for 
Did you mean: 
Is this a frequent problem?

Request an official Aruba knowledge base article to be written by our experts.