Meraki

MartinLL

Hi all,

I'm working on a setup where two Cisco ISE nodes is located behind a load balacer. This is an azure internal load balancer. Traffic from ISE towards NADs retain their original IP address.

Now this causes some issues with COA when i only add the load balancer frontend IP as a RADIUS server. To get coa to work i need to add the load balancer front end as well as the individual node IPs. This fills up the meraki maximum of 3 RADIUS servers leaving no space for expansion.

Is there any way to add the node IPs as just dynamic authors like on IOS-XE?

MLL

alemabrahao

Hi,

Unfortunately, Meraki does not currently support adding dynamic authorization clients (DA clients) separately from RADIUS servers like IOS-XE does. In Meraki, CoA support is tied directly to the configured RADIUS servers.

MR Meraki RADIUS 2.0 - Cisco Meraki Documentation

MS Switch Access Policies (802.1X) - Cisco Meraki Documentation

Change of Authorization with RADIUS (CoA) on MS Switches - Cisco Meraki Documentation

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

alemabrahao

Hi,