Reset Search
 

 

Article

Why are wireless clients only able to authenticate when connected to the Virtual Controller captive portal and not the adopted WiNG APs?

« Go Back

Information

 
TitleWhy are wireless clients only able to authenticate when connected to the Virtual Controller captive portal and not the adopted WiNG APs?
Question
Why are wireless clients connected to the virtual controller captive portal login page able to successfully authenticate and log in, while others connected to adopted APs fail authentication although using the same login credentials? 
Environment
  • All WiNG APs
  • WiNG 5.x
  • Captive Portal: Self
  • Onboard Radius
  • Virtual Controller
Answer
In this case, the radius server policy is only mapped to the Virtual Controller as an override, but not mapped to the AP profile all adopted APs are using. In a Virtual Controller deployment where Captive Portal is being advertised on all APs, the radius server policy must also be mapped to said APs in order for wireless client authentication to be successful.

To verify this, log into the virtual controller and run the following commands:

Note: Your AP profile and radius policy names might differ from the ones shown in this example. If this is the case, replace the default names with the ones configured on your VC. 
>en
#self
#show context | include radius
 use radius-server-policy default                 (Radius Policy mapped to VC as an override)
#..
#profile ap7532 default-ap7532
#show context | include radius
#                                                 (no Radius Policy mapped to AP profile used by adopted APs)
#end

Map the radius policy to the AP system profile:
#conf t
#profile ap7532 default-ap7532
#use radius-server-policy default
#com wr
#show context | include radius
 use radius-server-policy default
Additional notes

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255