802.1x failure in Meraki AP issue

SOLVED
Keith_Li
Comes here often

802.1x failure in Meraki AP issue

Dear All,

 

 

           One of our customer using merkai AP, and they have 15 AP in the network, and suddently today there are 3 AP show alerting, with warning below, and they have NPS radius to allow AP and user autenticated to the network, all the AP IP has added into the NPS list to permit for connecting, but only 3 of the AP get prompting below, any idea what goes wrong ? any help would be appreicated 

 

Recent 802.1X failure
A recent RADIUS test encountered a connectivity issue. Please check your RADIUS server settings. 

 

 

Keith 

1 ACCEPTED SOLUTION
MarkW
Here to help

I have a few older model access point that fail this test because they can't handle the TLS1.2  only settings on the NPS server.  Here's a note I got from Meraki support on this in 2021.  I think I had some MR16s or 18s that were failing these tests too:

 

-----

-Informed him that "The TLS version used by MR to test RADIUS is determined by the firmware version. MR 26.x will use TLS 1.0 and MR 27.x will use TLS 1.2. "

-----

 

So if your AP can't handle new firmware, or just hasn't been updated for a while you may get this error after doing the test routine on the RADIUS server.

View solution in original post

4 REPLIES 4
alemabrahao
Kind of a big deal
Kind of a big deal

Have you tested the Radius Server communication on Meraki Dashboard? Have you checked the pre-shared key configured on your Radius server?

alemabrahao_0-1675335035289.png

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
MarkW
Here to help

I have a few older model access point that fail this test because they can't handle the TLS1.2  only settings on the NPS server.  Here's a note I got from Meraki support on this in 2021.  I think I had some MR16s or 18s that were failing these tests too:

 

-----

-Informed him that "The TLS version used by MR to test RADIUS is determined by the firmware version. MR 26.x will use TLS 1.0 and MR 27.x will use TLS 1.2. "

-----

 

So if your AP can't handle new firmware, or just hasn't been updated for a while you may get this error after doing the test routine on the RADIUS server.

Keith_Li
Comes here often

finally its an issue with the NPS radius policy setting, its resolved thanks

So the accepted solution was not the solution. 😅

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels