Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

WPA2-Enterprise with public radius

Solved
Lander
Here to help
‎May 9 2018 8:03 AM
‎May 9 2018 8:03 AM

WPA2-Enterprise with public radius

Hi expert

 

I would like to config WPA2-Enterprise with my radius server .  But my radius is public ip address . Could I config public radius for this authentication method. If the can , I need add what ip for on my radius as radius client.? 

0 Kudos
Subscribe
1 Accepted Solution
In response to Lander
HodyCrouch
Building a reputation
‎May 9 2018 8:33 AM
‎May 9 2018 8:33 AM

Look for a row with the description "802.1X with customer-hosted RADIUS" (you may see two rows).

 

Ignore the row that starts with "Your network(s)".  You would use this information if your RADIUS server was hosted in your own data center and needed a firewall rule for the outbound traffic.

 

Look at the other row.  The values in the "Source IP" column are what you need to add to your RADIUS server.

View solution in original post

Subscribe
12 Replies 12
HodyCrouch
Building a reputation
‎May 9 2018 8:15 AM
‎May 9 2018 8:15 AM

Use the RADIUS Proxy setting and then click on the "firewall information page" link to get a list IP addresses that will be used for RADIUS authentication.  Add those IP addresses to your RADIUS server.

0 Kudos
Subscribe
In response to HodyCrouch
Lander
Here to help
‎May 9 2018 8:24 AM
‎May 9 2018 8:24 AM

@HodyCrouch Thanks for you reply. I click on the "firewall information page"  found a lot of ip list. I can't sure which ip need to add my RADIUS server . 

0 Kudos
Subscribe
In response to Lander
Lander
Here to help
‎May 9 2018 8:32 AM
‎May 9 2018 8:32 AM

@HodyCrouch Could you tell me whick IPs need add my Radius server.  How to see ? Thank you very much

0 Kudos
Subscribe
In response to Lander
HodyCrouch
Building a reputation
‎May 9 2018 8:33 AM
‎May 9 2018 8:33 AM

Look for a row with the description "802.1X with customer-hosted RADIUS" (you may see two rows).

 

Ignore the row that starts with "Your network(s)".  You would use this information if your RADIUS server was hosted in your own data center and needed a firewall rule for the outbound traffic.

 

Look at the other row.  The values in the "Source IP" column are what you need to add to your RADIUS server.

Subscribe
In response to HodyCrouch
Lander
Here to help
‎May 9 2018 8:49 AM
‎May 9 2018 8:49 AM

@HodyCrouch I found 209.206.48.0/20 . That mean this whole subnet neet to add my radius ??    If enable Radius Proxy feature. That mean Access-Request messages sent from Dashboard to the RADIUS server ???

0 Kudos
Subscribe
In response to Lander
HodyCrouch
Building a reputation
‎May 9 2018 8:57 AM
‎May 9 2018 8:57 AM

Yes, you need to add that CIDR range to your RADIUS server.

 

The Access-Request messages will come from Meraki's data center, which is probably what you meant by saying Dashboard.

 

0 Kudos
Subscribe
In response to HodyCrouch
Lander
Here to help
‎May 9 2018 9:03 AM
‎May 9 2018 9:03 AM

@HodyCrouch  OK , I understand. Do you have official document for Radius Proxy .  Because I can't found any document about Radius Proxy feature.

Subscribe
In response to Lander
HodyCrouch
Building a reputation
‎May 9 2018 9:04 AM
‎May 9 2018 9:04 AM

I don't work for Cisco.  It sounds like you might want to open a case with this question.

0 Kudos
Subscribe
In response to HodyCrouch
Lander
Here to help
‎May 9 2018 9:08 AM
‎May 9 2018 9:08 AM

OK,Then, Have you configed this feature and successfull on you network?

0 Kudos
Subscribe
In response to Lander
Lander
Here to help
‎May 9 2018 9:08 AM
‎May 9 2018 9:08 AM

@HodyCrouchOK,Then, Have you configed this feature and successfull on you network?

0 Kudos
Subscribe
In response to Lander
HodyCrouch
Building a reputation
‎May 9 2018 10:34 AM
‎May 9 2018 10:34 AM

Yes.  I have a pair of FreeRADIUS boxes running in AWS providing 802.1X authentication to a large number of sites through Meraki's RADIUS proxy.

0 Kudos
Subscribe
In response to Lander
cf-nick
Conversationalist
‎Jan 30 2019 2:27 PM
‎Jan 30 2019 2:27 PM

Have you been able to find it yet? I havent.
0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.