This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Extreme Control as External RADIUS in Cloud IQ

Extreme Control as External RADIUS in Cloud IQ

Go to solution
RobertD1
Contributor II

‎02-22-2022 04:21 AM

Hello,

I understand that it is possible to create a network policy in Cloud IQ for Wireless which can use External RADIUS server for authentication (Extreme A3, NPS, Extreme Control). Do the APs (AP3705C) which are onboarded in the cloud also need to be added under Access-Control>Switches? If so what RADIUS Attributes should they use?

Thanks,
Rob
0 Kudos
1 ACCEPTED SOLUTION

Go to solution
RobertD1
Contributor II

‎03-01-2022 02:05 PM

I have got this to work! After solving the first problem with the developer profile (redirect URI was missing) then the first task passed and data was collected. I then realized the subsequent tasks also had scripts which when reviewed revealed what I needed to do in addition. I had to create a profile for the new device to use (or alter the script) and I added another IF statement for the model of AP I was using (AP305C) and in the last script alter the primary RADIUS server IP. That's it! I've learnt a lot from this and will be very useful for bulk importing and integrating XIQ WAPs with XIQ-SE with Extreme Control.

View solution in original post

0 Kudos
11 REPLIES 11

Go to solution
RobertD1
Contributor II

‎02-22-2022 10:56 AM

Hi Sam,

I have a customer that already has Cloud IQ APs and they are using PSK which has been compromised. They would like a more secure solution where they can assign VLANs for different user types. So, yes I want to use a network policy which uses the Extreme Access Control virtual appliance which is in a secure location at the customer's HQ. EAC and XIQ-SE are able to onboard to Cloud IQ as well as the APs. 

Am I right that the APs need to be imported from XIQ into XIQ-SE so that they can be added to Access-Control>Switches? The APs that onboard to the cloud could be in any global location, so missing some facts about how Cloud based APs can use on premise Extreme NAC (not A3) as RADIUS Server using network policy in XIQ. 

How is the AP configured under Access-Control>Switches? There is a list of different choices of RADIUS Attributes to Send in the device configuration, what should it be?

Not using Extreme A3.

Extreme Access Control could have local users or integrate with AD database. 

Requirement is for 802.1X. 

Thanks,
Rob
0 Kudos

Go to solution
SamPirok
Community Manager Community Manager
Community Manager

‎02-22-2022 10:32 AM

Hi Rob, thanks for reaching out. I just wanted to clarify something really quick so I know what team to reach out to for help with this question- are you building the Radius policy out in ExtremCloud IQ or Extreme A3? We'll be able to help you either way, I just want to make sure I take this to the right team to avoid delays here.
0 Kudos
GTM-P2G8KFN