Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Bronze

confused by AAA server behaviour on WLC

Hello,

Maybe a stupid question, but i am confused about a customers configuration of specific AAA servers on a WLAN.

Suppose i have configured 5 global authentication and accounting servers (and "network user" option is enabled)

If i enable accounting and i enable authentication, but i do NOT specify any specific servers, what is the result going to be ?

In this case, does the WLC send radius accounting records ? My thought is YES, he will send accounting records and he will send them to the global accounting servers, lowest index first.

Although, this is not very clear, since at the WLAN level , i do see "NONE" for each server.

If i want to prevent the WLC from sending accounting records - for this specific WLAN ONLY -, then i MUST remove the checkmark from "enabled".

Enabling accounting, but setting all servers to "None" is not the way to go here.

Is this correct ?

PS. Running version 7.4.110.0

3 REPLIES

confused by AAA server behaviour on WLC

Hi mate,

First of you should check if anything is configured under Security --> AAA --> RADIUS --> Authentication/Accounting.

On each WLAN you can specify one of the already configured servers or NOT. If you choose not to specify it will pick up one of the "Global configured" servers based on the Server Index ID.

Cisco Employee

confused by AAA server behaviour on WLC

If none of any server is configured or mapped with WLAN ID then how radius server authentication will take place for that WLAN ID?

For radius authentication its also mandatory that the WLAN should be mapped with 802.1x ...

Please find the link to configure the proper radius authentication:-

http://www.cisco.com/en/US/tech/tk722/tk809/technologies_configuration_example09186a0080782507.shtml

New Member

confused by AAA server behaviour on WLC

I have following scenario

- Reciprocal Wireless Access with the University on a single WLAN

- authentication & accounting configured to go to my RADIUS servers only on that WLAN at Uni controllers

Yet I am getting thousands of RADIUS accounting messages from the University forcing my RADIUS to profile all of the University devices.

The question is - is this a global setting that can't be changed?

247
Views
0
Helpful
3
Replies
CreatePlease login to create content