Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
757
Views
0
Helpful
2
Replies

two different radius authentication methods on one guest wlan

Steffen Lindemann
Level 1
Level 1

‎06-30-2009 03:46 AM - edited ‎07-03-2021 05:46 PM

I would like to use two different radius servers to one guest wlan.

One radius server is the Cisco NAC guest server, but I would like to use e.g. a RSA SecurID server as the second.

If the user does not exsist on the NAC guest server, the wlc should check the RSA server.

As I understand the servers mentioned under the layer 3 config tab on the wlan configuration tab is doing round-robin.

Is there any way that I can implement this?

Best regards,

Steffen Lindemann

Labels:
0 Helpful
2 Replies 2

dancampb
Level 7
Level 7

‎06-30-2009 06:04 AM

This could be difficult. The controller will send requests to the configured primary server until it is unavailable, then it would try the secondary. If the first one sends back an access-reject the controller would never send a request to the secondary server.

0 Helpful

tim.riegert
Level 1
Level 1
In response to dancampb

‎07-13-2009 07:28 AM

Is there anything on the roadmap for the NAC guest server to use AD as an external database?

It seems like it shouldn't be too difficult since the server is already using AD to map sponsor roles.

We really would prefer to use a single SSID instead separate SSIDs for guest and domain accounts.

Thanks in advance!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card