Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 22 replies
  • Subscribers 32 subscribers
  • Views 52673 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Wireless Radius auth via IPSec not possible

frozeneye

Hi, we're trying to get Radius auth for wireless WPA enterprise to work in our Branch Office.

Situation: One UTM HA Cluster in Main Office. There are the Active Directory and Radius Servers located. In our Branch Office we change from RED to XG85. We use WPA enterprise with Radius to connect the wireless Clients.

The xg85 is connected wia Site2site ipsec and via LAN everything is fine. Active-directory-auth to xg85 via ipsec works also.

But the Radius auth doesn't work. I've already read different articles and try a lot but the Radius auth from the WLAN client doesn't arrive at the Radius Server in Main Office.

Radius test from the xg85 itself arrive at the Radius Server so the connection seems OK. Also all needed firewall rules are inplace. The wan-ip from the xg85 is included in the ipsec-tunnel so that the xg85 itself is able to connect to the ad and Radius Servers.

Any hints? I'searching the last days for a solution...

Thanks und advance,

Regards, Markus



This thread was automatically locked due to age.
Parents
  • 0

    Hi All,

    I know this is an old thread, has there been any fix for this 'bug' yet? I have just tried this and am getting the same results.

    the only difference is I am S2S from HO (UTM) and Branch (XG 17.1.2 MR-2).

    I am wondering is a GRE tunnel would fix this? (yes I understand a GRE tunnel is not really supported on UTM)

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

  • 0 in reply to Argo

    Hi,

    Please use the system originated traffic KBA.

    community.sophos.com/.../123336

    __________________________________________________________________________________________________________________

  • 0 in reply to LuCar Toni

    Thanks for that pointer, was thinking of going another route (RED Tunnel).

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

Reply
  • 0 in reply to LuCar Toni

    Thanks for that pointer, was thinking of going another route (RED Tunnel).

    XG & UTM Architect (Systems: XG v18 & UTM 9.7 - Virtual, HW & SW)
    Curious enough to take it apart, skilled enough to put it back together, Clever enough to hide the extra parts when I'm Done!

Children
No Data
Cookie Information Banner