Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 7 replies
  • Answers 1 answer
  • Subscribers 11 subscribers
  • Views 5758 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

WIFI RADIUS unreachable

Gerard-Philippe Guminski

Hello,

we replaced our UTM with the new XGS.

Our Wifi Access Points AP55C moved to Sophos Central.

We have 3 SSIDs (Corp (VLAN31), Guest VLAN33), Free (VLAN32)).

The Corp SSID was working on the UTM with Radius-Server (ActiveDirectory Users).

In Sophos Central SSID Setup i entered the internal LAN IP Adress of my Radius-Server. But the Access Point can not connect to it.

The Radius is on my default LAN (192.168.10.0) Network.

The msg in Sophos Central: 

Access Point "ETHACP04_AP55C [A4005866XXXXXXX]" radius server 192.168.10.21 : 1812 is unreachable

Can you help me please?

Sorry for my bad english.

Best regards

Phil



This thread was automatically locked due to age.
Parents
  • 0

    Do you see in a packet capture the packets flowing to this ip or not? 

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    So my config is:

    LAN: 192.168.10.0 /24

    Radius on DC: 192.168.10.21

    Wifi Guests: VLAN 33: 192.168.33.0/24 (working fine)

    Wifi Free: VLAN 32: 192.168.32.0/24 (working fine)

    Wifi Corp: VLAN 31: 192.168.31.0/24 (not working)

    Ports, Rules, VLANs, DHCPs configured on the XG.

    Vlans also configured on the switch in between.

    Are the Access Points forwarding the RADIUS Requests directly to my radius server or will that forwarded to Sophos Central?

  • 0 in reply to Gerard-Philippe Guminski

    So the access point in Central wireless will communicate untagged. This is a different behavior compared to UTM. Check if the access point is reachable and get an ip in the untagged network. 

    Then check if you see any kind of traffic on the radius server port 1812

    __________________________________________________________________________________________________________________

Reply
  • 0 in reply to Gerard-Philippe Guminski

    So the access point in Central wireless will communicate untagged. This is a different behavior compared to UTM. Check if the access point is reachable and get an ip in the untagged network. 

    Then check if you see any kind of traffic on the radius server port 1812

    __________________________________________________________________________________________________________________

Children
No Data
Unfiltered HTML