Eduroam

mcn1841
New here

Eduroam

Hi,

    Has anyone connected Meraki to eduroam. The documentation states that I need to register all my AP's as clients. I only have 33 units but I can see how this is a pain if the number goes higher. Is there another way of accomplishing this? Can the MX be configured to act as a proxy to my local radius server? 

 

Any help is appreciated. 

4 REPLIES 4
ww
Kind of a big deal
Kind of a big deal

 

you only need one setting.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Eduroam_Authentication_Integration...

 

what they need to config on the Eduroam federation-level RADIUS is not your problem i guess.. they probably have some script to do this on the radius.

Ben
A model citizen

Hi @mcn1841 ,

 

I have a network with Eduroam active at the moment. The safest and easiest way to do this is create a management VLAN for your network devices or AP's.  (e.g 10.0.1.0/24)

Put all your network devices in this range and do no allow any client devices to get in here.

 

After this you can ask the people who manage the Eduroam Radius server to whitelist 10.0.1.0/24 for radius authentication and accounting. This way you do not need to register them as separate clients.

All you need to do when this is active is make sure your AP's know the route to the Radius server IP. 

 

When you have this route the radius tests should work.

If they have not changed the ports it's 1812 for authentication and 1813 for accounting. 

 

If you have any other questions let me know!

 

Cheers,

Ben 

AhmedK
Here to help

Hi Ben,

 

Are you still using the same setup for connecting MerakI MR to EDUROAM? 

Because I'm about to deploy the same scenario for  80 MR42 connecting them to Eduroam?

Ben
A model citizen

Yes, it's still active and clients are connecting to the Eduroam without any issues. 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels