RADIUS authentication MX VPN

mmistretta
Here to help

RADIUS authentication MX VPN

I am trying to configure RADIUS authentication for VPN clients using an MX100.

I can connect just fine when using local auth.

I switched over to radius, and am getting an invalid username/password.  I have tested and confirmed they are both correct.

I have tried authenticating using just the username, and domain\username, but no luck with either.

Anyone have any idea what i may be missing?

5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal

If you are getting an "invalid username" response then the good news is that the MX100 is talking to the RADIUS server  - because that is a response returned by the RADIUS server.

 

You need to half a look at the log on your RADIUS server and its configuration to find out what it is refusing to allow the user to connect.

GregD
Here to help

I have the same problem, but I don't even see the RADIUS traffic from the MX or the MR (MX64 and MR33).

Alexxdavid
Comes here often

We have an MX68 and a case opened with Meraki.

 

The MX68 doesn't even pass traffic to the Radius Server! Wondering how those things passed quality assurance considering they enforce a new firmware version for the new MX series.

mmistretta
Here to help

check out my post with my resolution somewhere here in this thread... its an undocumented fix... lol.  but its working

mmistretta
Here to help

I have since resolved this, it came down to the encryption configuration on the adapter.  It needs to be set to optional.

But when we were testing, the test from the MX would show hits on radius, but from the client it would not.

Tinkering and the good ole try-this-try-that approach eventually lead to a successful connection

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels