Can I give APs a second IP address on eth1 or VLAN for specific Management traffic (e.g. RADIUS)?

  • 2
  • Question
  • Updated 5 years ago
  • Answered
I received several requests now if we can communicate with a Radius server for authentication request directly through the attached VLAN or eth1 interface, as the Radius server has an IP address inside that user VLAN.

To be more precise, one example:
- eth0, VLAN 1, Subnet 1, Radius Server inside -> no problem, direct communication from AP's Management IP, same VLAN
- eth1, VLAN 2, Subnet 2, Radius Server inside -> communication is going out on eth0, VLAN 1, with AP's Management IP, and has to be routed by the Firewall

So the question is: Can we give the AP a second IP address, on eth1/VLAN 2, for communication with the 2nd Radius server?
Photo of Carsten Buchenau

Carsten Buchenau, Champ

  • 356 Posts
  • 117 Reply Likes

Posted 5 years ago

  • 2
Photo of Mike Kouri

Mike Kouri, Official Rep

  • 1030 Posts
  • 271 Reply Likes
Sorry, no, I don't think so.
Photo of Carsten Buchenau

Carsten Buchenau, Champ

  • 356 Posts
  • 117 Reply Likes
So what is the best way to transform this question into a feature request then?
Photo of Mike Kouri

Mike Kouri, Official Rep

  • 1030 Posts
  • 271 Reply Likes
Carsten,
Effectively, you already have.

Unfortunately, our current architecture for APs makes them basically bridges that only have one management IP address and simple routing, so without a compelling use-case that convinces me it would apply to a whole swathe of our customer base and intended customer base, it's just not going to get a lot of attention.

From what you've written so far, it looks to me more like a request to make things more convenient than to solve a particular problem. If you can elaborate on what you're trying to accomplish and why we should invest development resources into adding more complexity to the product, we'll definitely give it consideration.
Photo of Nick Lowe

Nick Lowe, Official Rep

  • 2491 Posts
  • 451 Reply Likes
This actually is a great answer, Mike. I wish people were always as upfront as this rather than attempting to massage things under some misguided PR delusion. It is refreshing and honest.
Photo of Carsten Buchenau

Carsten Buchenau, Champ

  • 356 Posts
  • 117 Reply Likes
Can only agree, thanks Mike!
Photo of Benjamin Lambert

Benjamin Lambert

  • 27 Posts
  • 5 Reply Likes
For the record, I was looking to do something similar as the OP and am thrilled that I found the answer to my question very quickly. This way I didn't spend a lot of time poking through documentation and wasting tech support's time.

Not to mention it was an up front answer!
Photo of Amanda

Amanda

  • 396 Posts
  • 25 Reply Likes
Thanks Benjamin, good to know!