cancel
Showing results for 
Search instead for 
Did you mean: 

About 802.11x + RADIUS configuration

law_william
New Contributor II
Currently I have WLANS "RADIUS" with 802.1x , AAA server "RADIUS" and I can connect this with my laptop and mobile device.

Then I want to create new WLANS "OFFICE" with 802.1x and same AAA server.

But I was failure to connect ....

If I changed 802.1x to open, I can connect to "OFFICE".

Thus what's the reason of the connection ?

Thanks
11 REPLIES 11

Have you tried the "Testing Authentication" utility? Also, what model and version of ZoneDirector are you running? Did you try to remove the "RADIUS" WLAN as suggested?

Here is how you can try the "Testing Authentication" utility.

1. On the Configure > AAA Servers page, locate the Test Authentication Settings section.
2. Select the authentication server that you want to use from the Test Against drop-down menu.
3. In User Name and Password, enter an Active Directory, LDAP or RADIUS user name and password.
4. Click Test.

If ZoneDirector was able to connect to the authentication server and retrieve the configured groups/attributes, the information appears at the bottom of the page. The following is an example of the message that will appear when ZoneDirector:

* authenticates successfully with the server:
Success! Groups associated with this user are “{group_name}”. This user will be assigned a role of {role}.

If the test was unsuccessful, there are three possible results (other than success) that will be displayed to inform you if you have entered information incorrectly: • Admin invalid • User name or password invalid • Search filter syntax invalid (LDAP only) 

Hi Roberto,

Since "RADIUS" is in production, I don't want any impact on it this moment.

For "Test Authentication", should I use "william.law" as user name for testing ?

If yes, even working AAA server also failure.

Only succeed on "Active Directory"

Image_ images_messages_5f91c469135b77e247a6da72_0f34b866bebe62f6dead6e5c4164acea_RackMultipart2018082443001ec1g-7ea3b765-cfe5-46ad-9c90-c468df95e411-758457243.jpg1535084279Image_ images_messages_5f91c469135b77e247a6da72_c7e2cf7eeb8ec4ecd0aecf02b04527c7_RackMultipart20180824312541i5k-71acfee3-f189-46da-b024-ccb6615d2cbe-222380103.jpg1535084332

Image_ images_messages_5f91c469135b77e247a6da72_eba44915b6775bda0478c11227a19064_RackMultipart201808248235518f7-0ab2e63a-f8e1-40ff-8b1f-2d93c9d60e95-2006304452.jpg1535084603

Hi Roberto,

How to assign different users to different groups ?

Otherwise, if using AAA server, I have to assign user to Roles ?

Thanks

Image_ images_messages_5f91c469135b77e247a6dd7d_b0695f8545c9c689d77944d4a660318c_RackMultipart2018082430613xqvp-ad2173ff-783a-474e-9b76-46b98b728a4f-1218365562.jpg1535086190

roberto_hernand
New Contributor III
Based on the message you provided, it seems to be a problem between zonedirector and radius server. What Radius server are you using? Can you look at the logs of the Radius server and see what is telling you. A couple of things I can think are. "Shared secret" not matching. The incorrect IP address defined in the Radius configuration (on the radius server side). Invalid userna/password. To know all of this, we would need to know what radius server you are using.

law_william
New Contributor II

Hi Roberto,

Finally, my laptop PC available to connect after I added to "Default" role.

I would like to know if I want this SSID to connect with "Operator" role, how to control it under WLAN ?

Thanks

Image_ images_messages_5f91c440135b77e2479e9b53_494f03d9b96f2e2ce37ba13a4ee04215_RackMultipart2018082746964jew9-155e84b8-60ef-418b-b3ea-f3077e02a235-1916489430.JPG1535340001