Unanswered Question
Jun 2nd, 2008

The scenario is the next one:

Ten access points and one WLSE Express. One is configured as WDS with a priority of 254, other access point as WDS with a priority of 128, and the other as Infrastructure AP's. The infrastructure AP's are authenticating to the WDS AP with the RADIUS Server of a WLSE Express. There are two SSID's configured in each AP each one in a different VLAN. All the clients are authenticating with an IAS configured in a W2K3 machine with an Active Directory. There is configured a RADIUS Server in the WDS AP's, and the WLCCP authentication server for the clients points to an AAA group, also configured in these AP's, so I think that it is not possible authenticate to more than one RADIUS Server when you are using WDS (I can do this if I do not use WDS because I use the AAA group server configured in each SSID, but in a WDS environment the infrastructure AP do not use the RADIUS server configured in the SSID but the RADIUS server of the WDS set up). So every user can authenticate in all the SSID's, the problem is that one of the SSID's is set up for guests and we want to make some access lists with a firewall to filter the access of every user. The question will be: Can we configure two or more RADIUS Servers when I am using WDS to authenticate users in two SSID's? Maybe the solution to the problem is to configure the IAS Server correctly but I think that this server does not know the SSID of the user that is authenticating.

Thanks in advance

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)
ebreniz Fri, 06/06/2008 - 06:15

As far as I know, the ap's have to register themselves with the wds, ap but they cannot do this until the wd sap authenticates against a radius server, in this case its our wlse.

WLSE is just a monitoring device in the WDS topology. If your wlse goes down, WDS will be UP. Wireless network will be UP too.


This Discussion



Trending Topics: Other Wireless Mobility

client could not be authenticated
Network Analysis Module (NAM) Products
Cisco 6500 nam
reason 440 driver failure
Cisco password cracker
Cisco Wireless mode