Hi all,
I am trying to connect a lab environment to an external RADIUS server using RADSEC.
I would like to use RADSEC as the RADIUS server is located in the cloud, and I don't need my username or EAP-TLS certificate metadata going across the Internet unencrypted.
I have been trying to add a RADSEC server to the RADIUS Server Group in my 802.1X SSID with no success.
The only two options for RADIUS servers are "Standard" and "Secure". Does "Secure" mean RADSEC? Whenever I try to add a "Secure" RADIUS server, the object gets created but it disappears from the RADIUS Group and cannot be added to the SSID.
Does XIQ simply not support RADSEC? This is quite surprising to me
I followed up with some colleagues. We do support this. However, only the RADSEC APs would know of the external RADIUS server. After creating the external Secure RADIUS server with all the needed trust point and shared secret, you would then click Extreme Networks RADSEC Proxy in the RADIUS server group:
Then you click the "+" to create the RADSEC Proxy configuration, where you would use the external secure server as the External RADSEC Server:
Using this, your APs would then talk to the RADSEC proxies that are selected automatically, and only those proxies would be communicating to your secure external server.
-Nick
