I have implemented a Meraki wireless LAN at our location.
SSID is set to PSK and WPA2
I'm in NAT mode with no splash page.
Everything is in DHCP.
Everything connects seamlessly except for the Sharp MX-C304W and the two HP LaserJet Pro MFPs.
auth_mode='wpa2-psk' reason='eapol_timeout' radio='0' vap='0' channel='6' rssi='60'
No matter what I try I cannot get these printers to authenticate. What am I missing?
Are you using both 2.5 and 5.0 GHz frequencies? You often find that in some 5.0ghz only deployments some legacy devices won’t join the network
@UCcert beat me to the question I would ask 🙂 I have come across devices needing a 2.4 only SSID and I think you still need to ask Meraki support to allow that if you want to try 2.4 only.
Check the spec sheets or settings for those printers. If they only support 2.4GHz they may not join a dual band SSID. The log snip you shared indicates something is trying a 2.4GHz channel so it seems plausible so far to me.
For that SSID, yes. If your devices require it, you don't really have a choice except to have a separate SSID for legacy devices/printers/whatever requires a 2.4 only SSID.
@Troy360 I'd try bridged mode as opposed to NAT mode, NAT mode is really only for devices that need isolating from the rest of the network, i.e. in an internet café or similar.
I haven't tried turning off WiFi6. Would really like to keep those features on, but I'll at least test it.
I've mostly been banging my head against a Sharp Copier MX-C304W
I've also got two HP LaserJet Pro MFP M428fdw printers.
Yes, it's in Infrastructure mode (although I messed around with trying the other even though it didn't make sense).
I'll try disabling WiFi6 next just to see if it works.
@Troy360 apologies, I think I sent you down a dead-end, I have checked my home HP printer and it only supports 802.11n, yet is working perfectly with an MR55/56 setup running 28.5. The SSID it is connected to is in bridged mode with other settings as below:
The APs are set to a minimum bitrate of 12Mbps on both bands and they are on dual band without band steering.
Putting things into Bridge Mode is what made the HPs happy.
I'm waiting on a Sharp technician to do a site visit to see if they can get the copier working.
Are you falling foul to the Deny rule under Firewall and Traffic Shaping?
@Troy360have you made a wireless capture from the AP you're connecting to or an over the air capture through another AP on the same channel.
You have to first determine at what phase your sharp device is stuck.
A full WPA2 PSK auth would like like this:
Client to AP: Auth
AP to client: Auth success
Client to AP associate (if this is missing client probably does not like association params)
AP to client: assoc success or fail (if fail check!, could be some reason code)
AP to client: 1st message of 4 way handshake (shows as dot1x even for pre-shared key)
Client to AP: 2nd message (this one gets stuck if you have wrong PSK)
AP to cleint: 3rd message
Client to AP: 4th message
Client does the DHCP DORA dance.
Do mind that if you capture from the AP you are connecting to you'll only have half of the messages (Meraki issue)
It's better to have another AP on the same channel and capture there. Then you'll have the entire conversation.