Hi all,
My question is about how can I provide a custom NAS ID value in a Radius requests originated by SM switch?
I am comparing the Access Policy configuration forms between the Wireless and Switch and i see that I can do that for the Wireless mode (in advanced section) but I do not see anything similar for the Switch.
Please advice.
Thanks.
I believe that in this case you will only be able to use the Called-Station-Id.
When an access policy is configured with RADIUS server, authentication is performed using PAP. The following attributes are present in the Access-Request messages sent from MS switch to the RADIUS server.
Note: MS390 has an exception, it will send MACID of the switch port in the Called-Station-Id AVP.
More details here.
https://documentation.meraki.com/MS/Access_Control/MS_Switch_Access_Policies_(802.1X)
Sadly that is not possible.
You can't customize any of that for switches.
Ok, then another question.
I see that MS switch also sending a "Meraki-Device-Name" attribute that contains the switch's name that I can change.
Theoretically I can use this field to pass my custom data to the radius... but, I do not see any documentation that directly says that MS switch will always send the "Meraki-Device-Name" attribute. That means that I cannot use undocumented field...
Is anyone aware about where can I find the documentation about this attribute?
Thanks
@Alexs20 all attributes available are here.
https://documentation.meraki.com/MS/Access_Control/MS_Switch_Access_Policies_(802.1X
If you are not able to find this information here it's probably not supported.