I have implemented a Meraki wireless LAN at our location.
SSID is set to PSK and WPA2
I'm in NAT mode with no splash page.
Everything is in DHCP.
Everything connects seamlessly except for the Sharp MX-C304W and the two HP LaserJet Pro MFPs.
auth_mode='wpa2-psk' reason='eapol_timeout' radio='0' vap='0' channel='6' rssi='60'
No matter what I try I cannot get these printers to authenticate. What am I missing?
Solved! Go to solution.
Finally got the Sharp Copier to connect to the wireless network.
The issue was a domain field buried deep in the copier that had an incorrect name in it. Removed that and it connected right away.
Are you using both 2.5 and 5.0 GHz frequencies? You often find that in some 5.0ghz only deployments some legacy devices won’t join the network
@DarrenOC beat me to the question I would ask 🙂 I have come across devices needing a 2.4 only SSID and I think you still need to ask Meraki support to allow that if you want to try 2.4 only.
I'm running both 2.4 and 5.0 so I don't think that should be the issue.
Try disable band steering in the wireless profile. Some 2.4ghz clients have problems with this
Check the spec sheets or settings for those printers. If they only support 2.4GHz they may not join a dual band SSID. The log snip you shared indicates something is trying a 2.4GHz channel so it seems plausible so far to me.
Here is a screenshot of what I am suggesting and it was the only way I could get some home automation/iot gear to work on my home network:
If I do that, it will restrict all clients to the 2.4 GH band correct?
For that SSID, yes. If your devices require it, you don't really have a choice except to have a separate SSID for legacy devices/printers/whatever requires a 2.4 only SSID.
I attempted that just to see if I could get it to authenticate, but it's still giving me the same issue.
@Troy360 I'd try bridged mode as opposed to NAT mode, NAT mode is really only for devices that need isolating from the rest of the network, i.e. in an internet café or similar.
I tried it in Bridge mode also, but then it failed at DHCP.
Yes, it does. I was able to connect both laptop and phone in Bridged mode.
Have you tried disabling WiFi6 features? What HP models are they?
I haven't tried turning off WiFi6. Would really like to keep those features on, but I'll at least test it.
I've mostly been banging my head against a Sharp Copier MX-C304W
I've also got two HP LaserJet Pro MFP M428fdw printers.
I see the onboard WiFi is very old so I'd definitely try disabling WiFi6, it also seems to support two modes, is it in infrastructure mode?
Yes, it's in Infrastructure mode (although I messed around with trying the other even though it didn't make sense).
I'll try disabling WiFi6 next just to see if it works.
The HPs also seem to have an old wireless chip as they too are N at best:
I'd definitely try disabling WiFi6.
I disabled Wi-Fi 6, turned off 5 gh band and the Sharp is still just stuck in a status of "connecting". I haven't tried the HPs yet.
@Troy360 apologies, I think I sent you down a dead-end, I have checked my home HP printer and it only supports 802.11n, yet is working perfectly with an MR55/56 setup running 28.5. The SSID it is connected to is in bridged mode with other settings as below:
The APs are set to a minimum bitrate of 12Mbps on both bands and they are on dual band without band steering.
I have my HP printer working now. Still no dice on the Sharp Copier but progress!
Which changes got the HPs working, or have they just sprung into life...!
Putting things into Bridge Mode is what made the HPs happy.
I'm waiting on a Sharp technician to do a site visit to see if they can get the copier working.
Same issue with the HPs. On the printer itself it shows it's connected to the SSID and has an IP address, but I can't even ping it.
Are you on the same VLAN and is your IP in the same subnet?
Are you falling foul to the Deny rule under Firewall and Traffic Shaping?
Looks like everything is good on my Firewall and Traffic Shaping. No deny rule that would prevent the copier from connecting.
@Troy360have you made a wireless capture from the AP you're connecting to or an over the air capture through another AP on the same channel.
You have to first determine at what phase your sharp device is stuck.
A full WPA2 PSK auth would like like this:
Client to AP: Auth
AP to client: Auth success
Client to AP associate (if this is missing client probably does not like association params)
AP to client: assoc success or fail (if fail check!, could be some reason code)
AP to client: 1st message of 4 way handshake (shows as dot1x even for pre-shared key)
Client to AP: 2nd message (this one gets stuck if you have wrong PSK)
AP to cleint: 3rd message
Client to AP: 4th message
Client does the DHCP DORA dance.
Do mind that if you capture from the AP you are connecting to you'll only have half of the messages (Meraki issue)
It's better to have another AP on the same channel and capture there. Then you'll have the entire conversation.
Finally got the Sharp Copier to connect to the wireless network.
The issue was a domain field buried deep in the copier that had an incorrect name in it. Removed that and it connected right away.