using both LDAP and local radius server

  • 0
  • 3
  • Question
  • Updated 5 months ago
  • Answered
Hello, 

Is it possible to use both LDAP and local authentication? We are running WING 5.8.6. 

For example, the BYOD wireless network will connect to LDAP for authentication and the guest network will use the local radius to authenticate from guest passes generated. 

Thanks
Photo of Daniel Starosciak

Daniel Starosciak

  • 390 Points 250 badge 2x thumb

Posted 5 months ago

  • 0
  • 3
Photo of Christopher Frazee

Christopher Frazee, Employee

  • 2,258 Points 2k badge 2x thumb
Hello Daniel,
       WiNG 5 controllers can only have one radius policy mapped, but under the radius policy there is an Authentication parameter, which allows for default source (local or LDAP) and you can specify what the default source will be and add the WLANs and source (local or LDAP) for each one. 

If additional assistance is required, please open a support case. 
Photo of Ondrej Lepa

Ondrej Lepa, Employee

  • 6,102 Points 5k badge 2x thumb
Hi all,

to elaborate a little on what Chris mentioned:
VX(config-radius-server-policy-RADIUS)#
radius-server-policy RADIUS
 use radius-user-pool-policy LOCAL-AUTH
 authentication data-source local ssid LOCAL-AUTH precedence 1
 authentication data-source ldap ssid LDAP-AUTH precedence 2
 use radius-group LOCAL-AUTH
This will allow you to mix local and remote database.
In GUI you'll find it under Configuration - Services - RADIUS - Server Policy - Authentication



Regards,
Ondrej
Photo of Daniel Starosciak

Daniel Starosciak

  • 390 Points 250 badge 2x thumb
The setup looks pretty straight forward but I cannot get this to work for some reason. Anyone actually has this working? 
Photo of Ondrej Lepa

Ondrej Lepa, Employee

  • 6,102 Points 5k badge 2x thumb
Hi Daniel,

what WiNG version are you running?

Also, see these articles:


If you still have an issue, share with us the RADIUS policy config.

Regards,
Ondrej