Problem with CISCO WIRELESS CONTROLLER and RADIUS Authentication

Arran Cudbard-Bell a.cudbardb at freeradius.org
Thu Jul 4 14:23:49 CEST 2013


On 4 Jul 2013, at 13:12, Gustavo Vieira Oliveira <gustavov at sc.senai.br> wrote:

> Hello!
> 
> We have a Cisco Wireless Controller 5508 with Aironet 1041 APs.
> 
> To make the AP authenticate with RADIUS we need to set the following command manually in the AP:  
> 
> - radius-server vsa send
> 
> Which as explained by cisco does the following:
> 
> Command
> 
> Purpose
> 
> Router(config)# radius-server vsa send [accounting | authentication]
> 
> 
> Enables the network access server to recognize and use VSAs as defined by RADIUS IETF attribute 26.
> 
> 
> The thing is, the APs can only authenticate if this command is issued in the AP by cli and we need that the Wireless Controller can pass this configuration to the APs, which it doesn't support. So, anyone know why is it necessary and if there is another alternative or workaround to make it work without it?
> 
> Nowadays we schedule a script to log in the AP and run the command.

This is FreeRADIUS related how?

Arran Cudbard-Bell <a.cudbardb at freeradius.org>
FreeRADIUS Development Team



More information about the Freeradius-Users mailing list