Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

RADIUS authentication MX VPN

mmistretta
Here to help
‎Sep 18 2018 8:39 AM
‎Sep 18 2018 8:39 AM

RADIUS authentication MX VPN

I am trying to configure RADIUS authentication for VPN clients using an MX100.

I can connect just fine when using local auth.

I switched over to radius, and am getting an invalid username/password.  I have tested and confirmed they are both correct.

I have tried authenticating using just the username, and domain\username, but no luck with either.

Anyone have any idea what i may be missing?

0 Kudos
Subscribe
5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 18 2018 1:18 PM
‎Sep 18 2018 1:18 PM

If you are getting an "invalid username" response then the good news is that the MX100 is talking to the RADIUS server  - because that is a response returned by the RADIUS server.

 

You need to half a look at the log on your RADIUS server and its configuration to find out what it is refusing to allow the user to connect.

0 Kudos
Subscribe
In response to PhilipDAth
GregD
Here to help
‎Oct 18 2018 1:35 PM
‎Oct 18 2018 1:35 PM

I have the same problem, but I don't even see the RADIUS traffic from the MX or the MR (MX64 and MR33).

0 Kudos
Subscribe
In response to GregD
Alexxdavid
Comes here often
‎Oct 23 2018 2:54 AM
‎Oct 23 2018 2:54 AM

We have an MX68 and a case opened with Meraki.

 

The MX68 doesn't even pass traffic to the Radius Server! Wondering how those things passed quality assurance considering they enforce a new firmware version for the new MX series.

0 Kudos
Subscribe
In response to Alexxdavid
mmistretta
Here to help
‎Dec 10 2018 12:58 PM
‎Dec 10 2018 12:58 PM

check out my post with my resolution somewhere here in this thread... its an undocumented fix... lol.  but its working

0 Kudos
Subscribe
In response to PhilipDAth
mmistretta
Here to help
‎Dec 10 2018 12:57 PM
‎Dec 10 2018 12:57 PM

I have since resolved this, it came down to the encryption configuration on the adapter.  It needs to be set to optional.

But when we were testing, the test from the MX would show hits on radius, but from the client it would not.

Tinkering and the good ole try-this-try-that approach eventually lead to a successful connection

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.