Please select To the mobile version | Continue to access the desktop computer version
 Forgot password?
 Register now


Wireless

View: 2470|Reply: 1

How to transmit the IP address to the Radius server in wireless 1X auth?

[Copy link]

10

Digests

994

Posts

1107

Credits

administrator

Rank: 9Rank: 9Rank: 9

Credits
1107
Post time 2017-4-26 17:51:12 | Show all posts |Read mode
How to transmit the IP address to the Radius server in wireless 1X auth?
Reply

Use magic Report

10

Digests

994

Posts

1107

Credits

administrator

Rank: 9Rank: 9Rank: 9

Credits
1107
 Author| Post time 2017-4-26 17:51:28 | Show all posts
The IP address is transmitted to the Radius server in a Radius-accounting packet (the first accounting packet). Previously, when 1X and MAB authentication begins, the Radius accounting packets may be already sent out but STA may be yet to obtain the IP address. To address this issue, a function is developed on the wireless device: The STA should obtains the IP address via DHCP server first then AC sends out the Radius-accounting packet.

The work principles are as follows:
1. The AC enables the DHCP snooping function. This function is used to detect whether a wireless STA obtains the IP address and corresponding DHCP snooping entry should be generated on AC.
2. On the AC, run dot1x dhcp-before-acct enable (for the 11.X version, the command is dot1x valid-ip-acct enable). Ensure that the Radius-accounting packet is not issued before the AC generates the DHCP snooping entry.

After this function is enabled, if the IP address is manually configured for the DHCP snooping entry fails to be generated due to incorrect configurations, the wireless user is forcibly offline by the AC after the accounting update period ends.
You have to log in before you can reply Login | Register now