Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

API - Using 8021x-localradius authentication getting Authentication requires 802.1x servers:

Solved
DevOps_1999
Here to help
‎Nov 3 2022 12:11 PM
‎Nov 3 2022 12:11 PM

API - Using 8021x-localradius authentication getting Authentication requires 802.1x servers:

I've created a script using json and localRadius - 

 

I've configured all necessary fields and what looks to be the correct setup.  I keep on getting the following error when running the python script.  Using localRadius option of 8021x-localradius there are no Radius Servers.  Even if I take the json from a working setup and try it again, it does not work.

 

 

Has anyone ever had any experience using the API and 8021x-localradius?

 

Here is the error:

b'{"errors":["Authentication mode requires RADIUS 802.1X servers"]}'

0 Kudos
Subscribe
1 Accepted Solution
In response to DevOps_1999
DevOps_1999
Here to help
‎Nov 4 2022 8:13 AM
‎Nov 4 2022 8:13 AM

For those who might come across this problem in the future:

 

Error:  b'{"errors":["Authentication mode requires RADIUS 802.1X servers"]}'

 

Does require you to specify the radius server property, which I did and made up something completely fake. I think there is a bug in the API which requires the radiusServers to be specified with localRadius.  This should not be specified as the radius server in this case IS the meraki AP not an external server.

 

In JSON format: 

 "radiusServers": [
{
"host": "1.1.1.1",
"secret": "fdafdasfdas",
"port": 123
}
]
}

 

Just a note:

When I look at the dashboard setup for this SSID, there are NO radiusServers setup, even though it is in the code.  As per the documentation above 8021x-radius and ipsk-with-radius are the only authMethods which need RadiusServers. 

View solution in original post

0 Kudos
Subscribe
6 Replies 6
RaphaelL
Kind of a big deal
Kind of a big deal
‎Nov 3 2022 12:44 PM
‎Nov 3 2022 12:44 PM

Hi ,

 

You have to define the 802.1X Servers. Please refer to the documentation of that endpoint : https://developer.cisco.com/meraki/api-latest/#!update-network-wireless-ssid

 

I'm pretty sure that you are trying to update a SSID 

0 Kudos
Subscribe
DevOps_1999
Here to help
‎Nov 3 2022 12:51 PM
‎Nov 3 2022 12:51 PM

Yes, I'm sorry.  I'm updating/creating an SSID:  

Though I'd technically agree with you - I have a completely working SSID which I pulled configuration from.  There are no 802.1x servers defined in the working configuration.  What is defined is the ldap servers for querying the certificate validity. 

 

With a localRadius configuration - there is only a definition for Certificate as well as ldap server query settings.  

 

 

0 Kudos
Subscribe
In response to DevOps_1999
RaphaelL
Kind of a big deal
Kind of a big deal
‎Nov 3 2022 12:54 PM
‎Nov 3 2022 12:54 PM

On that said SSID , what is the auth mode ( via API and dashboard just to confirm )

0 Kudos
Subscribe
In response to RaphaelL
DevOps_1999
Here to help
‎Nov 3 2022 12:57 PM
‎Nov 3 2022 12:57 PM

Thanks for the reply.

 

AuthMode string is as specified highlighted in black:

 

authMode:string

The association control method for the SSID ('open', 'open-enhanced', 'psk', 'open-with-radius', '8021x-meraki', '8021x-nac', '8021x-radius', '8021x-google', '8021x-localradius', 'ipsk-with-radius' or 'ipsk-without-radius')

0 Kudos
Subscribe
In response to DevOps_1999
DevOps_1999
Here to help
‎Nov 4 2022 5:23 AM
‎Nov 4 2022 5:23 AM

Let me update a few thoughts:

Here is what the documentation states for localRadius object.  It's the local radius on the AP, so there would not be a radius server defined in this circumstance. 

localRadius:  object

The current setting for Local Authentication, a built-in RADIUS server on the access point. Only valid if authMode is '8021x-localradius'.

 

radiusServers:array[]

The RADIUS 802.1X servers to be used for authentication. This param is only valid if the authMode is 'open-with-radius', '8021x-radius' or 'ipsk-with-radius'

 

The RadiusServers are not used with the localRadius, which makes sense.  

0 Kudos
Subscribe
In response to DevOps_1999
DevOps_1999
Here to help
‎Nov 4 2022 8:13 AM
‎Nov 4 2022 8:13 AM

For those who might come across this problem in the future:

 

Error:  b'{"errors":["Authentication mode requires RADIUS 802.1X servers"]}'

 

Does require you to specify the radius server property, which I did and made up something completely fake. I think there is a bug in the API which requires the radiusServers to be specified with localRadius.  This should not be specified as the radius server in this case IS the meraki AP not an external server.

 

In JSON format: 

 "radiusServers": [
{
"host": "1.1.1.1",
"secret": "fdafdasfdas",
"port": 123
}
]
}

 

Just a note:

When I look at the dashboard setup for this SSID, there are NO radiusServers setup, even though it is in the code.  As per the documentation above 8021x-radius and ipsk-with-radius are the only authMethods which need RadiusServers. 

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.