Controllerless Networks

last person joined: yesterday 

Instant Mode - the controllerless Wi-Fi solution that's easy to set up, is loaded with security and smarts, and won't break your budget
Back to discussions
Expand all | Collapse all

Source IP address for Authenticator with IAP dot1x

This thread has been viewed 2 times

  • 1.  Source IP address for Authenticator with IAP dot1x

    Posted Mar 01, 2018 01:45 PM

    Hello,

    I have an IAP cluster with Dot1x configured, and the RADIUS server Microsoft Domain Controller with the NPS role enabled for EAP-TLS. On the DC or any RADIUS controller, the IP address of the authenticator needs to be configured. In the setup I have, the authenticator keeps changing. The source IP address of the authenticator is the one of the AP to which the supplicant is associated and changes when the supplicant moves to a different AP. I have an IP address for the Virtual Controller configured and it works, I can access the VC through this address. Is this the expected behavior? Does it mean that I need to configure the IP addresses of all the APs as clients on the DC or RADIUS server?

    Thank you,

    Christophe.



  • 2.  RE: Source IP address for Authenticator with IAP dot1x

    EMPLOYEE
    Posted Mar 01, 2018 01:49 PM
    You need to enable Dynamic RADIUS proxy and then the NAS-IP will be the VC’s address.


  • 3.  RE: Source IP address for Authenticator with IAP dot1x

    EMPLOYEE