802.1x Radius setup

Highlighted
wintechie_io
Occasional Contributor I

802.1x Radius setup

Hi everyone, I´m trying to setup a network with 802.1x, everything fine with one AP, put the AP ip address in the NPS configuration and it worked flawlessly. Now I need to plan a deployment with 12 APs, which IP address shall I use? the user guide says: "NAS IP address—Enter an arbitrary IP address to be used as RADIUS attribute 4, NAS IP Address, without changing source IP Address in the IP header of the RADIUS packet." What is "arbitrary" in this case? any of the APs IP adresses? what it that AP is down? Should I use an address not used in the same segment? the latter is like the IP address we set to Instant´s VC Thanks for your comments
0 Kudos
4 Replies
Employee
Employee

Re: 802.1x Radius setup

@wintechie_io  The arbitrary would be an IP address that you would use across all AP's to communicate with the Radius server like an Instant VC.

axthemax
Contributor I

Re: 802.1x Radius setup

I suppose you have to configure your Radius server somehow to allow any client on the subnet and use some sort of username/password for security / authentication. What kind of radius server exacly are you using? MS or maybe the C-word again?
wintechie_io
Occasional Contributor I

Re: 802.1x Radius setup

When the AP connects to the Radius will show it´s IP address but it won´t match with that "arbitrary" IP, how would the Radius accept the credential exchange not having matched the source IP? just using the shared secret? When using Instant you set the VC IP and put this IP as a Radius client, they match How does it work in Instant On setup?
Employee
Employee

Re: 802.1x Radius setup

I need to indicate a correction here. Right now, we need to configure the RADIUS server to allow all APs individually or a rule must allow the entire subnet. But, we are constantly looking to enhance the solution (with software updates) to make it simpler for the user.

0 Kudos