Hey there, I'm having a really strange issue with my RADIUS server in my enterprise. 2 Days ago, my laptop stopped responding to our office wireless, then another engineer in the IT dept had the same issue. Just had someone from sales express the same issue.
Checking in the Meraki logs, I get the issue posted below.
It looks like it's not being able to respond to requests. We thought it might be a wireless driver issue, and had updated both of them, with no luck. Any ideas?
Also, I believe it's strictly a RADIUS issue. We've got multiple access points that operate off of Meraki, but they all show 802.1X deauthentication issues
Out of curiosity what OS are the (two?) affected devices running, if Windows what release specifically as well e.g. W11 22H2. Any patching performed on the RADIUS server host?
Seems odd that it would just happen out of the blue if all those clients were previously working!
Hi @Local_goat ,
I've experienced it a feel time ago, and I resolved It, increasing the server timeout value on my SSID.
Giving this a shot right now
No luck unfortunately.
Have you noticed any message error on Radius Log Server?
Also, you can test It putting your machine at the same network that your APs are, and test it with NTradping.
Can certainly give it a shot right now
first off that's an incredibly helpful tool. Secondly, I had gotten no response from the server. Which to me is insane, as the Screenbeams have to reach out to it to actually come back online.
Cool IT Fun fact: Scans work better when you actually have the ability to run them on your network.
I think it says the radius server did not respond. So you would need to check if the radius server responds to a request, and if that packet makes it back to the AP
Novice question, how could I monitor that?
Would first check the radius log if it gets the request and send back a response. You could additional run a packet capture on the radius server.
From the meraki dashboard you can also take packet captures on the AP. To see if it receives the response from the radius server https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Packet_Capture_Overvi...
It was my previous suggestion 😅
Thank you so much for that suggestion, I ran a packet capture, and had unplugged a Screenbeam in the office, which I know would reach out to the RADIUS server once it starts up, and it had been working before the issue started. I've got my packet capture set for wireless, and all access points. However, my Wireshark outputs are blank when I filter for RADIUS, and I ensured that I had the secret key in the settings. Is there something I'm goofing up on my end?
Try capture the lan interfaces. Radius is between the ap ip and the radius server ip.
Would I be able to do that in the Meraki tool, or should I do some configuring in wireshark?
Looks like the radius server is sending an Access:Reject result
It's probably because you didn't configure your IP address in your Radius client. What is the result if you test It on your SSID? Like that:
You can monitor with a network monitor system, like Zabbix.
I'll see if I can't give that a shot right now, I'll set a box up with Ubuntu to get it going
UPDATE: So, this issue has actually been something related to Credential Guard. The newest Windows Update automatically enables this feature, and we've fallen down a rabbit hole with our computer certificates and how to work with them. It's still ongoing, hopefully we'll be able to get this finished off.
Windows 11 22H2? I was reading about that the other day if so. Are you running the Enterprise version?