Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Authentication with more Radius servers on different SSIDs

Hello to everibody.

I have a network with some autonomous Access Point Aironet 1200, and on every Access Point I have configured 3 SSID and each SSID is associated to one VLAN.

For exaple:

SSID white --> VLAN 10 --> Radius A

SSID red --> VLAN 20 --> Radis B

SSID green --> VLAN 30 --> Radius C

My question is:

Is it possible to use 3 Radis servers, each on a different VLAN, and to have that each Client Associated to his SSID, will authenticate on the Radis of the relative SSID ?

Foe example:

- Client X associated to SSID white will autheticate on Radis A

- Client Y associated to SSID green will auhenticate on Radius C

If we have anynotice about this argument,give me the links.

Thanks.

1 REPLY
Cisco Employee

Re: Authentication with more Radius servers on different SSIDs

Hi,

Yes, you can do this. Via the GUI, you have the option of selecting the specific RADIUS server you want to use for a selected SSID. So, after defining the VLANs and RADIUS Servers, you'd configure each SSID on the "SSID Manager" page. On that page, you have an option to set "Server Priority." You'd want to select the "customize" radio button and use the dropdown to select the RADIUS server you want to use for the SSID.

I've attached the output of a command line configuration for your reference as well. The only caveats I warn about are: 1. That the servers must all be reachable from the ip address of the AP; 2. that the ip address of the AP must be configured in RADIUS as the "NAS" or "AAA Client" ip address; and 3. that the keys match on both RADIUS and the AP for each server (in the CLI output, these were configured as 'test10', 'test20', and 'test30').

Hope this helps,

Ben

165
Views
0
Helpful
1
Replies
CreatePlease to create content