Configure a WAP, VPN, or Router for RADIUS

The JumpCloud RADIUS infrastructure has been updated, and requires changes to the existing RADIUS IP addresses used for this application. The list given under the Configuration section should be used for all RADIUS apps and/or devices. Update any app and/or device using RADIUS with the IPs listed on this page.

Note:

This help article is to be used in conjunction with RADIUS Configuration and Authentication.

Prerequisites:

  • Device or service endpoint that supports RADIUS and either EAP-PEAP/MSCHAPv2 or EAP-TTLS/PAP authentication methods.  Simple PAP may also be used, but we highly recommend you use a more secure authentication protocol such as EAP-PEAP/MSCHAPv2 or EAP-TTLS/PAP
  • Port 1812/UDP to our RADIUS service endpoints (RADIUS Accounting on 1813 is not supported)
  • If using EAP-TTLS (we suggest most users use EAP-PEAP/MSCAHAPv2 as setup is easier), update the JumpCloud RADIUS server certificate.
  • The Shared Secret from the JumpCloud RADIUS Server configuration in JumpCloud Admin Portal.

Configuration

The following is general information for setting up RADIUS on a device or service endpoint. Please refer to your vendor's documentation for specific configuration details, or for a specific example, see Configure a Cisco Meraki WAP to Use Cloud RADIUS.

New RADIUS IP Addresses

Important:
  • Beginning February 6, 2025 JumpCloud’s RADIUS service supports AnyCast Routing. 
  • There will now only be two IP addresses used in the configuration regardless of region. 
  • AnyCast will automatically route RADIUS requests to the JumpCloud RADIUS server nearest to the device or service endpoint sending the request. 
  • Configure either IP address as the primary or backup address.
IP Addresses Port
76.223.67.151 75.2.116.112 1812

Old RADIUS IP Addresses

The following RADIUS IP addresses will no longer be available after May 6, 2025:

IP Address RADIUS URL Geolocation
18.204.0.31 us1.radius.jumpcloud.com US East
54.203.27.225 us2.radius.jumpcloud.com US West
18.194.159.20 eu1.radius.jumpcloud.com EU
18.182.131.248 ap1.radius.jumpcloud.com APAC
108.137.84.29 idn.radius.jumpcloud.com APSE

Encryption/Authentication Mode:

  • WPA2 Enterprise
  • WPA2 with RADIUS

Note:

"WPA2 with RADIUS" is not available on all WAP and Router devices, and will vary by hardware vendor.  Please refer to your vendor documentation for further information.

TLS

Important:
  • When transitioning to the new AnyCast IP addresses, TLSv1.0 and TLSv1.1 will not support RADIUS requests to JumpCloud. 
  • Use your networking equipment vendor’s monitoring and administration tools to help discover any devices on your network still attempting to authenticate with TLSv1.0/v1.1.
  • If any devices are still using the obsolete TLSv1.0 or TSLv1.1 protocol for RADIUS authentication, update them to at least TLS version 1.2 as soon as possible. 
  • You must enable these device updates before transitioning to the new AnyCast IP addresses.

Testing the connection

  • Authenticate using the JumpCloud username and password, or email address and password.
  • Test the authentication directly from the device (If supported).

Debugging

For more information on troubleshooting and debugging your RADIUS configuration, see Troubleshoot: RADIUS Server Authentication.

Back to Top

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case