Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Getting an AP to send SSID in radius request

Hi everyone,

I am trying to get my Cisco AP's to send the SSID or some kind of identifier of the SSID in the radius request attributes.

This is needed for user realm mapping on my radius server.

Any ideas on how this could be achieved?

Nicolai

2 REPLIES

Re: Getting an AP to send SSID in radius request

Nicolai,

The SSID is included in the 'Called-Station-ID' attribute as part of the RADIUS Access-Request.

Quote from RFC 3580:

http://www.ietf.org/rfc/rfc3580.txt

3.20.  Called-Station-Id

   For IEEE 802.1X Authenticators, this attribute is used to store the

   bridge or Access Point MAC address in ASCII format (upper case only),

   with octet values separated by a "-".  Example: "00-10-A4-23-19-C0".

   In IEEE 802.11, where the SSID is known, it SHOULD be appended to the

   Access Point MAC address, separated from the MAC address with a ":".

   Example "00-10-A4-23-19-C0:AP1".

The RADIUS must then retrieve the information from the RADIUS Access-Request packet.
Regards,
Anders

New Member

Getting an AP to send SSID in radius request

From what i experienced, the SSID should be appended to the MAC in the Called-Station-ID attribute but seems like this is only the case if you are using a WLC.

Without WLC, it can be send as a Cisco AVpair in a VSA preconditioned "radius-server vsa send authentication" is set,

but i did not find a way to append it to the Called station ID.

2549
Views
0
Helpful
2
Replies
CreatePlease login to create content