Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Authentication Interface in AAA Radius Configuration

Hello,

we are trying to authenticate against an Radius Server.

can you tell me witch interface will be used for the authentication Process?

With best regards

6 REPLIES
Cisco Employee

Re: Authentication Interface in AAA Radius Configuration

By default it will be the router interface where the radius server is connected to. Or alternatively if you would like to use any specific interface, you can configure the following command:

ip radius source-interface

Hope it helps.

New Member

Re: Authentication Interface in AAA Radius Configuration

Oh

I forget to say that we are trying to authenticate our WLAN Clients against an Radius Server. The Serverentries are made in the Configuration Chapter for Radius.

The Most Recent traps tell:

RADIUS Server x.x.x.x failed to respond to request (ID 2) for client .......

Is it possible that the Authentication Method uses the Management or Service Interface to contact the RADIUS Server?

We would prefer that it contact the server via the guest interface

Any Ideas?

Cisco Employee

Re: Authentication Interface in AAA Radius Configuration

Yes, you should be able to configure the source interface for the radius packet using the command provided earlier

:

ip radius source-interface

New Member

Re: Authentication Interface in AAA Radius Configuration

Even in Firmware Version 4.2

Can you please tell me where I have to enter it.

ON CLI in Config Mode it isnt possible.

Cisco Employee

Re: Authentication Interface in AAA Radius Configuration

What device does the authentication originate from? An IOS router?

4.2 is the ACS version I assume. The configuration should be done on the NAS device, not on the ACS server. Once the changes has been done on the NAS device, you would need to configure the correct ip address on the ACS server with the ip address of the interface you use for that NAS device.

New Member

Re: Authentication Interface in AAA Radius Configuration

At least it looks like this:

Client   ------------> Lightweight Access Point  ----------------> WiSM --------X--------------> Radius Server

The WISM is Firmware is state 4.2 and the RADIUS Server is configured in the AAA setting as the Authentication Server and the Accounting Server.


The WISM has multiple Interfaces factoy default: Managment, ap-manager, service-port and virtual

                    we added the interface test-Radius which is configured with the WLAN the Client connects to.

In the Trap view i can see that the Controller cannot reach the Radius Server.

I think the Controller uses the Interface management to get contact to the Radius.

But the Radius is only reachable over the test-Radius interface.

Can somebody tell me where i configure the controller to use the client interface "test-radius" to get in contect to the Radius?

Best regards

2001
Views
0
Helpful
6
Replies
CreatePlease login to create content