Meraki

Community

Clearpass guests captive portal with Meraki.

JakubR
Comes here often
‎Apr 22 2025 12:30 AM
‎Apr 22 2025 12:30 AM

Clearpass guests captive portal with Meraki.

Hi Team,

 

I'm experiencing an issue with the ClearPass guest captive portal when integrated with Meraki. After successful authentication, users have to manually disconnect and reconnect to gain proper access.

Although I am sending a CoA to update the user's role, and I can see the client disconnecting and reconnecting as expected, the problem is that the client sends a DHCP Request instead of a Discover. Since the user is moved to a different role (and VLAN), the client should be initiating a Discover to obtain an IP address from the new subnet, but that doesn't happen.

Any ideas on how to improve the setup to force the client to properly initiate a DHCP Discover after the VLAN change?

0 Kudos
4 Replies 4
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 22 2025 4:13 AM
‎Apr 22 2025 4:13 AM

You should be using a Disconnect, not a CoA. In the web login configuration, you can increase the login delay to accommodate for the network change.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
JakubR
Comes here often
‎Apr 22 2025 4:20 AM
‎Apr 22 2025 4:20 AM

Yes, I am using Disconnect to be exact, following this:

Name:
[Meraki - Terminate Session]
Description:
System-defined profile to disconnect user (Meraki)
Type:
RADIUS_DynAuthZ
Action:
Disconnect
Device Group List:
-
 
 
 
 
Attributes:
 TypeName Value
1.Radius:IETFCalling-Station-Id=%{Radius:IETF:Calling-Station-Id}
2.Radius:IETFAcct-Session-Id=%{Radius:IETF:Acct-Session-Id}
3.Radius:IETFEvent-Timestamp=%{Radius:IETF:Event-Timestamp}
0 Kudos
In response to JakubR
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 22 2025 4:23 AM
‎Apr 22 2025 4:23 AM

I suggest you open a support case.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
JakubR
Comes here often
‎Apr 22 2025 4:26 AM
‎Apr 22 2025 4:26 AM

I opened one, they said is the client issue, eventhough no matter what type of client is trying it is always DHCP request rather than DISCOVERY 😞

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
© 2025 Cisco Systems, Inc.