Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Split RADIUS for client VPN based on Group authentication

George_R
New here
yesterday
yesterday

Split RADIUS for client VPN based on Group authentication

Hi Team,

 

I have a Meraki MX client VPN setup which authenticates with a radius server and Duo.

I need to implement an Azure MFA but need to keep it in testing mode for some time.

What I did was, installed an NPS and Azure MFA extension on a separate server and went to configure a secondary RADIUS server in Meraki Client VPN page but then I started wondering:

How to instruct existing setup that Please authenticate Group A with old radius server and Group B with new RADIUS?

Is it even possible?

0 Kudos
Subscribe
1 Reply 1
MartinLL
Getting noticed
2 hours ago
2 hours ago

I dont think you can do that. The secondary radius server in the list will only be used if the primary goes down.

If i were you i would pick a site or talk to your Cisco rep to get a vMX trial license that you can use to test the new radius server. Simply create a new network, add the client vpn config and create a new anyconnect profile you can install on test clients.

When you are happy with the result you simply change the radius server on your production network.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.