Only 1 of 5 APs is able to authenticate to RADIUS server

  • 1
  • Question
  • Updated 4 years ago
  • Answered
In our hive of APs, I am able to perform a successful RADIUS authentication test to the local RADIUS server from just 1 of the 5 APs. 
I cannot figure out why the other 4 APs are unable to communicate with the local RADIUS server.

This was tested using a valid AD username using the RADIUS Tool to the IP address of the RADIUS server.

I can successfully Ping the RADIUS IP address from all 5 APs and the VLAN probe correctly finds the correct ID. 

Could this be a DNS related issue?

Photo of Jason Hills

Jason Hills

  • 78 Posts
  • 3 Reply Likes

Posted 4 years ago

  • 1
Photo of Abby S

Abby S, Employee

  • 94 Posts
  • 47 Reply Likes
It sounds more like the rest of the APs aren't configured as NAS objects in your RADIUS server. You can see this in a client monitor capture if you use that tool. Otherwise, confirm you have configured your radius server for the mgmt subnet of the APs or have added all 5 as NAS objects.
Photo of Jason Hills

Jason Hills

  • 78 Posts
  • 3 Reply Likes
Thanks Abby I'll confirm that. that sounds the best plan.
Is another potential solution to assign that AP as a proxy for the remaining APs?
Photo of Abby S

Abby S, Employee

  • 94 Posts
  • 47 Reply Likes
absolutely, if you prefer you can designate any AP as the RADIUS proxy. It's configured in Configuration - Authentication - RADIUS Proxy. Then assign the RADIUS proxy object to the device you want to designate in Configuration - Devices - Modify - Service Settings :-)