I've been having intermittent problems with my WPA2-Enterprise WiFi, using custom RADIUS (from Windows Server 2016), and Systems Manager. I am using a Meraki MR18. The issue basically consists of the wireless connecting on client machines but having no throughput at all, it seems like they'll all authenticated successfully but won't do anything from there. When it's happening on one machine it could be happening on all of them or none of the others, it doesn't seem to have any rhyme or reason as to why it happens. It's got to the point that now all wireless users find it so unusable they just connect to network cables wherever they go.
Interesting the WPA2-PSK never has any issues whatsoever!
Where should I start to look to solve this issue?
Have you tried using Wireless Health to diagnose the issue?
Thanks for the ideas!
I've just updated the firmware, I'm not sure how out of date it was.
I'll check when I next see the issue occuring
This is now happening on my test machine, I am able to ping the AP but not the gateway. I've also checked in the Meraki Dashboard and it's saying this machine is not currently connected.
Using Wireless Health it says that it's failing to authenticate with the following reason "type='802.1X auth fail' num_eap='0' associated='false' radio='0' vap='2'"
I've just checked on the radius servre intp the logs and it says 'Network Policy Server granted access to a user.' and has all the login details and says that it was Meraki etc as it should, so that all looks fine but still no connectivity past the access point.
What should I check next?
Now around 15 minutes later it's just started working again without any intervention from me.
Now it has occured again and I have checked Wireless Health and it's not giving me any error message. Apparently no clients are having problems connecting. When I disconnect and reconnect the WiFi on the machine there is no improvement and on the Meraki event log for this device there are no new entries. It's as if it's not trying to authenticate at all. Same goes for the ability to ping the AP but nothing else