The JumpCloud RADIUS infrastructure has been updated, and requires changes to the existing RADIUS IP addresses used for this application. The list given under the Configuration section should be used for all RADIUS apps and/or devices. Update any app and/or device using RADIUS with the IPs listed on this page.
This help article is to be used in conjunction with RADIUS Configuration and Authentication.
Prerequisites:
- Device or service endpoint that supports RADIUS and either EAP-PEAP/MSCHAPv2 or EAP-TTLS/PAP authentication methods. Simple PAP may also be used, but we highly recommend you use a more secure authentication protocol such as EAP-PEAP/MSCHAPv2 or EAP-TTLS/PAP
- Port 1812/UDP to our RADIUS service endpoints (RADIUS Accounting on 1813 is not supported)
- If using EAP-TTLS (we suggest most users use EAP-PEAP/MSCAHAPv2 as setup is easier), update the JumpCloud RADIUS server certificate.
- The Shared Secret from the JumpCloud RADIUS Server configuration in JumpCloud Admin Portal.
Configuration
The following is general information for setting up RADIUS on a device or service endpoint. Please refer to your vendor's documentation for specific configuration details, or for a specific example, see Configure a Cisco Meraki WAP to Use Cloud RADIUS.
New RADIUS IP Addresses
- Beginning February 6, 2025 JumpCloud’s RADIUS service supports AnyCast Routing.
- There will now only be two IP addresses used in the configuration regardless of region.
- AnyCast will automatically route RADIUS requests to the JumpCloud RADIUS server nearest to the device or service endpoint sending the request.
- Configure either IP address as the primary or backup address.
IP Addresses | Port | |
---|---|---|
76.223.67.151 | 75.2.116.112 | 1812 |
Old RADIUS IP Addresses
The following RADIUS IP addresses will no longer be available after May 6, 2025:
IP Address | RADIUS URL | Geolocation |
---|---|---|
18.204.0.31 | us1.radius.jumpcloud.com | US East |
54.203.27.225 | us2.radius.jumpcloud.com | US West |
18.194.159.20 | eu1.radius.jumpcloud.com | EU |
18.182.131.248 | ap1.radius.jumpcloud.com | APAC |
108.137.84.29 | idn.radius.jumpcloud.com | APSE |
Encryption/Authentication Mode:
- WPA2 Enterprise
- WPA2 with RADIUS
"WPA2 with RADIUS" is not available on all WAP and Router devices, and will vary by hardware vendor. Please refer to your vendor documentation for further information.
TLS
- When transitioning to the new AnyCast IP addresses, TLSv1.0 and TLSv1.1 will not support RADIUS requests to JumpCloud.
- Use your networking equipment vendor’s monitoring and administration tools to help discover any devices on your network still attempting to authenticate with TLSv1.0/v1.1.
- If any devices are still using the obsolete TLSv1.0 or TSLv1.1 protocol for RADIUS authentication, update them to at least TLS version 1.2 as soon as possible.
- You must enable these device updates before transitioning to the new AnyCast IP addresses.
Testing the connection
- Authenticate using the JumpCloud username and password, or email address and password.
- Test the authentication directly from the device (If supported).
Debugging
For more information on troubleshooting and debugging your RADIUS configuration, see Troubleshoot: RADIUS Server Authentication.