cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Radius event log entries, but no radius server setup

Getting noticed

Radius event log entries, but no radius server setup

Meraki support can't explain this (they are investigating), so thought I would ask here:

 

No radius server setup in dashboard, but event Log has many Radius server entries with iPhones, see screen shots. 

 

Any idea why the event log entries?

 

Screenshot 2018-07-24 at 12.06.47 PM.pngScreenshot 2018-07-24 at 12.07.25 PM.png

23 REPLIES 23
Kind of a big deal

Re: Radius event log entries, but no radius server setup

What the the details of the message hidden in the "more" link?

 

I want to say that this iPhone is sending unsolicited RADIUS messages but those wouldn't be "response" messages I wouldn't think.

Getting noticed

Re: Radius event log entries, but no radius server setup

not much in the "more link, see below.

 

I can't find any information about iPhones sending RADIUS messages unless the wifi network is setup for it.

 

Screenshot 2018-07-24 at 12.23.47 PM.png

Kind of a big deal ww
Kind of a big deal

Re: Radius event log entries, but no radius server setup

only 1 phone? did you reboot this phone?

Getting noticed

Re: Radius event log entries, but no radius server setup

multiple devices show this, and yes have rebooted the devices, even reset the network settings.

Getting noticed

Re: Radius event log entries, but no radius server setup

Looks like one is generated every time the device roams - most likely related to 802.11r: Adaptive since you mention it seems to be only iPhones.
Getting noticed

Re: Radius event log entries, but no radius server setup

Agreed on the roaming and thought of that too, but I can’t find any information that 802.11r adaptive is related to RADUIS without RADIUS server configured with 892.11x.

Kind of a big deal

Re: Radius event log entries, but no radius server setup

Apart from WiFi, do you have any other Meraki kit (which could have a RADIUS configuration on them)?

Getting noticed

Re: Radius event log entries, but no radius server setup

Nothing else.  This is weird....

Kind of a big deal

Re: Radius event log entries, but no radius server setup

Have you run a packet capture to find out where the the traffic is coming from?

Meraki CMNO, Ruckus WISE, Sonicwall CSSA, Allied Telesis CASE & CAI
Kind of a big deal

Re: Radius event log entries, but no radius server setup

Do you need 802.11r or can you try disabling that?

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Getting noticed

Re: Radius event log entries, but no radius server setup


@Adam wrote:

Do you need 802.11r or can you try disabling that?


I have already tried disabling and the RADIUS messages stop.  But why?  802.11r is helpful to have enabled.

Kind of a big deal

Re: Radius event log entries, but no radius server setup

802.11r is really only useful in a wireless VoIP deployment. The rest of the time... Meh. It doesn't really affect the user experience.

Kind of a big deal

Re: Radius event log entries, but no radius server setup

I disagree.  I much prefer using 802.11r, even for just notebook deployments.  The seamless roaming is - excellent.

Kind of a big deal

Re: Radius event log entries, but no radius server setup

Oh c'mon. What are you doing on your laptop, while moving, that you can actually tell the difference?

Kind of a big deal

Re: Radius event log entries, but no radius server setup

@jdsilva I am guessing you haven't worked in large campus environments were users with laptops roam around site.  Without 802.11r client devices are much more likely to hang onto an access port even though there might be one closer with much better signal and throughput. 

Meraki CMNO, Ruckus WISE, Sonicwall CSSA, Allied Telesis CASE & CAI
Kind of a big deal

Re: Radius event log entries, but no radius server setup

Hi @BlakeRichardson. That's not a very nice thing to assume. Shame on you for your baseless accusations! 😉

I also think you're thinking about 802.11k, or perhaps 802.11v, not 802.11r. r has nothing at all to do with clients roaming decisions.

Kind of a big deal

Re: Radius event log entries, but no radius server setup

@jdsilva  802.11R is related to wireless handover, I was suggesting that without it client devices make the decsion and often they hang onto accesspoints for longer than they should.

 

This is a common problem I have seen over the years. 802.11r is a feature to help reduce this.

 

 

In an education environment you need wireless handover to be as seamless as possible especially with a large campus.  Unless you haven't updated firmware sinc the Krack attack was discovered I see no reason why you wouldn't use this feature. 

Meraki CMNO, Ruckus WISE, Sonicwall CSSA, Allied Telesis CASE & CAI
Kind of a big deal

Re: Radius event log entries, but no radius server setup

Clients always make the decision. 802.11r doesn't change that. 802.11r doesn't even influence that.

 

You're talking about 802.11k.

 

https://documentation.meraki.com/MR/WiFi_Basics_and_Best_Practices/802.11k_and_802.11r_Overview#How_...

 

 

Getting noticed

Re: Radius event log entries, but no radius server setup

Curious if anyone else has RADIUS events with having a RADIUS server setup?

Getting noticed

Re: Radius event log entries, but no radius server setup


@kredmore wrote:

@Adam wrote:

Do you need 802.11r or can you try disabling that?


I have already tried disabling and the RADIUS messages stop.  But why?  802.11r is helpful to have enabled.


I'm not sure what you're after since you know the cause of the messages... Either it's something to do with how the Meraki implements the tagging of the 802.11r messages, or 802.11r really does use a RADIUS message.

Getting noticed

Re: Radius event log entries, but no radius server setup


@Rudi wrote:

@kredmore wrote:

@Adam wrote:

Do you need 802.11r or can you try disabling that?


I have already tried disabling and the RADIUS messages stop.  But why?  802.11r is helpful to have enabled.


I'm not sure what you're after since you know the cause of the messages... Either it's something to do with how the Meraki implements the tagging of the 802.11r messages, or 802.11r really does use a RADIUS message.


I'm trying to understand why the RADIUS even messages are showing, and showing failed auth messages in Wireless Health>Failed Connections.  Disabling 802.11r can make them stop, but from my research there is no connection between 802.11r and RADIUS servers.  Even Meraki support can't figure out why (yet). From what I can tell, the devices are spinning on failed auth attemps, delaying their wifi connections.  Sometimes it's very quick and not-noticeable, but other times it's minutes causing user frustration.  Hope that helps.

Getting noticed

Re: Radius event log entries, but no radius server setup

Looking a bit closer, I now have 802.11x auth fail messages for a chromebook, which should not be effected by 802.11r as adaptive.  

Getting noticed

Re: Radius event log entries, but no radius server setup

Yes, packet capture (monitor mode) has been done and sent to Meraki support about a week ago for investigation.  First line support sees the RADIUS related info, but doesn't know why.  Here's a link to it.

 

Packet Capture

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.