cancel
Showing results for 
Search instead for 
Did you mean: 

ZD3000: added AAA Active Directory server - then added wlan, no visible aaa choice

dtsblake_588878
Contributor II
On a ZD3000 ver 9.6.1.
added AAA Active Directory server - then added WLAN, no visible aaa choice:

1. AD server added and tested successful
2. Tried to add WLAN:
2a. chose standard usage
2b. chose 802.1x EAP
2c. chose WPA2
2d. chose AES

3. Authentication Server: pull-down does not display name of AAA server as a choice.
5 REPLIES 5

keith_redfield
Valued Contributor II
Hi Rick,

Sorry for the troubles. What version did you upgrade from? Were you previously running this configuration or is this a new installation?

Thx

dtsblake_588878
Contributor II
New install. factory version 9.4.0.0.110

Upgraded to 9.6.0.0.267
Upgraded to 9.6.1

Then tried adding AAA - AD

Thanks

r0nnieb
New Contributor II
Hi Rick,

802.1X will require a RADIUS server within your AAA config. If you require EAP authentication this will need to be added to your zonedirector and configuration of a radius / network policy server

Depending what you need, there are other alternatives that the zone director supports with Dynamic PSK, Role Based Access Control, Captive Portal, Hotspot Provisioning that are easier to configure that a full blown radius solution 🙂

dtsblake_588878
Contributor II
Thanks r0nnieb.

r0nnieb: "...Depending what you need, there are other alternatives that the zone director supports with Dynamic PSK, Role Based Access Control, Captive Portal, Hotspot Provisioning that are easier to configure that a full blown radius solution..."

Note: I am a ruckuswireless noob. I am preparing the ZD300 for production. We anticipate (max) 2000 student "guest" users using 100 APs at any one time. We also anticipate 400 employees using their active directory credentials.

Part B:
Do any of the aforementioned alternatives support multi-thousands of "guests" using the identical login credentials (or pass phrases) ? Do any of of the alternatives NOT require a separate server or non-ruckus device...that is, I would like the ZD3000 to offer the "guest" webpage (or other ZD built-in security solution) for credentialing and encryption.

Part A:
r0nnieb: "802.1X will require a RADIUS server within your AAA config. If you require EAP authentication this will need to be added to your zonedirector and configuration of a radius / network policy server"

Are you saying I need a separate RADIUS server in order to use active directory ("AD") credentialing? That is, I thought I could point the ZD at our AD without the need for a RADIUS server.

Thanks much,
Rick
Labels