Hello
Is it possible to create two or more Virtual APs and point each of their respective security profiles(using EAP) to two separate RADIUS??
Re: EAP on virtual AP on two separate RADIUS
No. On ROS AFAIK you can define more than one radius, but 2nd, 3d only will get used if previous one doesn't respond.
You can however setup proxying on your radius and "route" from there.
You can however setup proxying on your radius and "route" from there.
Re: EAP on virtual AP on two separate RADIUS
in that case username or realm or something have to be known. right?No. On ROS you can define more than one radius, but 2nd, 3d only will get used if previous one doesn't respond.
You can however setup proxying on your radius and "route" from there.
So like @abc.com go to one server and @def.com go to other server
Re: EAP on virtual AP on two separate RADIUS
That's it, that could be a way.
Re: EAP on virtual AP on two separate RADIUS
thanks for your help pukkitaThat's it, that could be a way.
But the problem is I dont have a known distinguisher for the users
Re: EAP on virtual AP on two separate RADIUS
A customer has a setup where sstp uses two different radius servers depending on the domain-part of the username. I would think that wlan would give similar behavior in respect to domain name.
The only thing I did to make it work was to enter domainname for each radius server. I'll post config here, in case you want to test.
the windows full domain names are sales.company.local and adm.company.local. The IP's is the ip of a domain controller in each domain.
The only thing I did to make it work was to enter domainname for each radius server. I'll post config here, in case you want to test.
Code: Select all
/radius
add address=10.60.255.220 domain=SALES secret=Radiuspass service=ppp
add address=10.61.6.212 domain=ADM secret=Radiuspass service=ppp