24
W
IRELESS
LAN S
WITCH
AND
C
ONTROLLER
MSS V
ERSION
3.0 R
ELEASE
N
OTES
This issue is cosmetic only and does not invalidate the
information in the other lines of the display.
SNMP—The ClientAuthServerIp element in the
authorization success trap
(ClientAuthorizationSuccessTraps) is not in
dotted decimal format. (18411)
AAA and RADIUS Issues
WX switch can restart when a last-resort user
configured on a wired authentication port
begins sending packets. (18252)
If a RADIUS server and server group have the
same name, the WX switch restarts when an
administrative user attempts to log in. (18434)
If you use the same name for a RADIUS server and a
RADIUS server group, and use the server group as the
authentication method for a AAA rule for administra-
tive access, the WX switch restarts when the adminis-
trative user attempts to log in.
Do not use the same name for a RADIUS server and a
RADIUS server group.
Multiple RADIUS servers with the same IP
address are not supported. (13895)
You cannot configure multiple instances of RADIUS
on the same machine, with the same IP address. This
method is sometimes used as a scaling technique if
RADIUS transactions on the default UDP port become
congested and another instance of the RADIUS server
on the same machine is configured to use a different
UDP port number. MSS does not allow you to specify
the UDP port number of a RADIUS server and there-
fore cannot distinguish among multiple server entries
with the same IP address.
Use a unique IP address for each RADIUS server.
CLI accepts a subnet mask with a RADIUS server
IP address. (16594)
When you configure a RADIUS server on the WX
switch, the server's IP address does not require a
subnet mask. If you do specify a subnet mask, the CLI
changes the server IP address and the incorrect
address is placed into the switch's configuration.
Do not specify a subnet mask with a RADIUS server
address.
Default 802.1X retransmit interval is too short
for manual login. (18032)
The default 802.1X retransmit interval is 5 seconds.
Although this interval is adequate for clients that are
configured to automatically use the user’s Windows
login information as the network login information,
the interval is too short for users who must manually
enter their network login information.
If the network has clients that do not automatically
use the Windows username and password as the net-
work username and password, use the
set dot1x
tx-period
command to increase the retransmit time.
CAUTION:
Changes to 802.1X parameters affect all
SSIDs managed by the WX switch.
