Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Cisco NAS IP is SSID interface IP and not WLC IP

Hi,

The radius packets are being dropped on my ISE deployment because the NAS IP is being detected as the SSID IP and not the IP of the WLC. I want the IP of the WLC to be the NAS IP because the WLC is what I've configured as the NAD in the ISE itself.

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions

Hi,Can you share your wlan

Hi,

Can you share your wlan config?

I think "radius server overwrite interface" option is checked.

You can find this option under wlan->security->aaa servers.

If so please uncheck the box and try again.

 

Regards

4 REPLIES
VIP Purple

You should use the NAS IP as

You should use the NAS IP as Management interface IP of WLC.

 

Regards

Community Member

I have used the management

I have configured the management interface IP - 192.168.1.1 (from where I access the GUI) as the NAD in ISE.

 

The SSID interface IP is 192.168.7.1. Obviously, since this isn't configured as a NAD in ISE, the radius packets sourced from this IP are being dropped.

 

I have another SSID with IP 192.168.5.1, but in this case, the NAS IP mentioned in the ISE logs indicate the WLC Management IP which is perfectly fine and this is what should happen.

Hi,Can you share your wlan

Hi,

Can you share your wlan config?

I think "radius server overwrite interface" option is checked.

You can find this option under wlan->security->aaa servers.

If so please uncheck the box and try again.

 

Regards

VIP Purple

Hi,Agree with Christos.When

Hi,

Agree with Christos.

When you enable the Radius Server Overwrite Interface option, the WLC will source all radius traffic for a WLAN using the dynamic interface configured on that WLAN.

Remove and try again.

Regards

 

268
Views
5
Helpful
4
Replies
CreatePlease to create content