Fortinet black logo

ExtremeCloud/Aerohive Wireless Integration

Home FortiNAC 9.4.0 ExtremeCloud/Aerohive Wireless Integration
9.4.0
9.4.0
9.2.0
9.1.0

Step 3: Configure RADIUS in FortiNAC

Step 3: Configure RADIUS in FortiNAC

Configure the appropriate RADIUS server option. Proxy and Local modes can be configured in FortiNAC on a per-device basis.

  • Proxy

    • Authentication: FortiNAC processes RADIUS MAC but proxies 802.1x EAP authentication to a customer-owned (external) RADIUS server.

    • Accounting: FortiNAC proxies accounting traffic to a customer-owned (external) RADIUS server.

    • For more information on this option, see Proxy in the Administration Guide.

  • Local

    • Authentication: FortiNAC’s Local RADIUS Server processes RADIUS MAC and 802.1x EAP authentication without the need to proxy to an external RADIUS server.

    • Accounting: The Local RADIUS server does not provide accounting. If accounting is required, FortiNAC can be configured to proxy Accounting traffic to an external RADIUS server.

    • Attribute Groups: Create an Attribute Group named “ExtremeCloud” or “Aerohive” using the chart below.

      Attributes

      Response Values

      Tunnel-Medium-Type

      IPv4

      Tunnel-Type

      GRE

      Tunnel-Private-Group-Id

      %ACCESS_VALUE%

Example:

Reference

https://docslib.org/doc/358947/aerohive-configuration-guide-radius-authentication-2

For more information on this option, see Local RADIUS Server in the Administration Guide.

Previous
Next

Step 3: Configure RADIUS in FortiNAC

Configure the appropriate RADIUS server option. Proxy and Local modes can be configured in FortiNAC on a per-device basis.

  • Proxy

    • Authentication: FortiNAC processes RADIUS MAC but proxies 802.1x EAP authentication to a customer-owned (external) RADIUS server.

    • Accounting: FortiNAC proxies accounting traffic to a customer-owned (external) RADIUS server.

    • For more information on this option, see Proxy in the Administration Guide.

  • Local

    • Authentication: FortiNAC’s Local RADIUS Server processes RADIUS MAC and 802.1x EAP authentication without the need to proxy to an external RADIUS server.

    • Accounting: The Local RADIUS server does not provide accounting. If accounting is required, FortiNAC can be configured to proxy Accounting traffic to an external RADIUS server.

    • Attribute Groups: Create an Attribute Group named “ExtremeCloud” or “Aerohive” using the chart below.

      Attributes

      Response Values

      Tunnel-Medium-Type

      IPv4

      Tunnel-Type

      GRE

      Tunnel-Private-Group-Id

      %ACCESS_VALUE%

Example:

Reference

https://docslib.org/doc/358947/aerohive-configuration-guide-radius-authentication-2

For more information on this option, see Local RADIUS Server in the Administration Guide.

Previous
Next