Problem with CISCO WIRELESS CONTROLLER and RADIUS Authentication

Gustavo Vieira Oliveira gustavov at
Thu Jul 4 14:12:40 CEST 2013


We have a Cisco Wireless Controller 5508 with Aironet 1041 APs.

To make the AP authenticate with RADIUS we need to set the following 
command manually in the AP:

- radius-server vsa send

Which as explained by cisco does the following:


Router(config)# *radius-server vsa send* [*accounting* | *authentication*]


Enables the network access server to recognize and use VSAs as defined 
by RADIUS IETF attribute 26.

The thing is, the APs can only authenticate if this command is issued in 
the AP by cli and we need that the Wireless Controller can pass this 
configuration to the APs, which it doesn't support. So, anyone know why 
is it necessary and if there is another alternative or workaround to 
make it work without it?

Nowadays we schedule a script to log in the AP and run the command.

Thanks in advance.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the Freeradius-Users mailing list