Inbound rule in Meraki Dashboard for our RADIUS server

SOLVED
paddyboy
Here to help

Inbound rule in Meraki Dashboard for our RADIUS server

Hello WLAN Experts.

 

I'm assuming if we change the internal IP address for our RADIUS server, the Meraki Dashboard firewall rule for Inbound traffic to that new server IP will automatically be updated?

 

I don't see anywhere else we would change that inbound rule to allow traffic inbound to our internal RADIUS IP address on logical destination ports UDP 1812 & 1813

 

I thought I'd ask here before opening a case with Meraki.

 

Thanks in advance!

 

 

1 ACCEPTED SOLUTION
ww
Kind of a big deal
Kind of a big deal

The wireless firewall section? I dont think that the wireless firewall  apply to the meraki AP ip itself.  However Its always good to test your new radius on a temporary ssid.

View solution in original post

6 REPLIES 6
RaphaelL
Kind of a big deal

Hi ,

 

I have not tested if the firewall page will update by itself , which I supose it does. 

 

If you are using Site-To-Site VPN rules , you may have to adjust them, if not you may have nothing else to do on the Meraki side : VPN traffic to both AutoVPN and Non-Meraki peers is only subject to the site-to-site firewall rules and is never subject to global Layer 3 firewall ruleshttps://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-site_VPN_Firewall_Rule_Behavior

Thanks for the fast reply!

 

We don't employ a site to site VPN, so this would just be client devices having the ability to reach the internal IP for any new RADIUS server we set up for internal authentication purposes.

 

I suppose I could setup a test SSID and set the RADIUS server IP to a different IP than our production server and see if the firewall rule updates after I apply changes.

 

I'm just not sure if the server IP would then be removed from the Inbound firewall rule once I remove the test IP for RADIUS from the test SSID.

 

 

 

ww
Kind of a big deal
Kind of a big deal

Meraki does not use inboud rules (yet).  The help> firewall info section is there just for information in case someone is using a firewall upstream.

Thank you.  I guess what I am wondering about is will the firewall section automatically be updated to reflect the new (or secondary) RADIUS server should we apply one and configure it in a new SSID

 

But as Meraki doesn't use inbound rules, I guess it would only be a cosmetic change then

 

ww
Kind of a big deal
Kind of a big deal

The wireless firewall section? I dont think that the wireless firewall  apply to the meraki AP ip itself.  However Its always good to test your new radius on a temporary ssid.

Okay, thanks for the assist.  We'll test it and see if that information is updated (although, as you pointed out, it maybe doesn't apply the rule to the APs)

 

Again, I think you're right, and that would be a cosmetic change just to use the FW info as a reference moving forward.

 

 

 

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.