Meraki

Community

Group Policy behavior between MS14 and MS15

RaphaelL
Kind of a big deal
Kind of a big deal
‎Apr 19 2023 2:59 PM
‎Apr 19 2023 2:59 PM

Group Policy behavior between MS14 and MS15

Hi ,

 

Has someone else experienced a change in the behavior of Group Policy ?

 

I have a GP pushed by a radius attribute and the behavior changed. 

 

it seems that DHCP is no longer implictly allowed in group policy applied through 802.1x

 

I have an open case about it , but wondering if someone else encountered that.

 

Thanks 

Labels:
0 Kudos
5 Replies 5
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 20 2023 2:30 PM
‎Apr 20 2023 2:30 PM

Funny you should say that.  I'm not using RADIUS, but was setting up a system yesterday that pushes a group policy attribute to use.  The Meraki event log shows it is getting and applying the attribute, but the client never shows that it is applied.

 

I put it down to an error I made, and I haven't had the time to go through everything again.

 

I need to re-test and existing system that I know works now.

0 Kudos
RaphaelL
Kind of a big deal
Kind of a big deal
‎Dec 1 2023 11:24 AM
‎Dec 1 2023 11:24 AM

Took months , but here is what happened between MS14 and  MS15&MS16. 

 

If your voice vlan and access vlan are the same , 802.1X won't work with never versions. This was a bug forever in older MS versions which was fixed in MS15&16 and broke our setup. 

 

This however is not present on the MS documentation. Which we couldn't have guessed. 

In response to RaphaelL
alemabrahao
Kind of a big deal
Kind of a big deal
‎Dec 15 2023 2:18 AM
‎Dec 15 2023 2:18 AM

@RaphaelL  just to clarify, so it's not a Bug but rather expected behavior?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
RaphaelL
Kind of a big deal
Kind of a big deal
‎Dec 15 2023 4:44 AM
‎Dec 15 2023 4:44 AM

Exactly ! All MS version prior to MS15 are bugged. It allows you to configure the same access vlan and voice vlan ( eg : 10 and 10 ) and 802.1X auth will still work.  In MS15 they silently fixed that.

0 Kudos
In response to RaphaelL
alemabrahao
Kind of a big deal
Kind of a big deal
‎Dec 15 2023 4:48 AM
‎Dec 15 2023 4:48 AM

Thank you so much. 🖖

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.