Meraki

Community

RADIUS Key Issues

TylerU
Conversationalist
‎Sep 25 2024 11:37 AM
‎Sep 25 2024 11:37 AM

RADIUS Key Issues

Greetings, programs.

Every time we get a firmware update higher than 29.6.1, all of our AP's across all sites stop sending our RADIUS secret key. The NPS servers on the back end stop authenticating users, and we effectively have an outage. I've raised a ticket or two with Meraki support, and provided some packet captures showing the field (it's all 0's rather than the key), but haven't had any luck figuring out an actual fix for it.

 

The only thing that has corrected the issue so far has been to revert back to MR 29.6.1. I'd appreciate it if anyone else could weigh in here, as we're at a loss and can't stay on 29.6.1 forever.

2 Replies 2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 25 2024 1:31 PM
‎Sep 25 2024 1:31 PM

Using MR 30.6 with WPA2-Enterprise mode and  EAP-TLS here.  No issues. I haven't heard anyone else reporting issues.

 

What mode MR are you using, and what kind of SSID config are you using that requires RADIUS (WPA2-Enterprise mode)?

TylerU
Conversationalist
‎Sep 25 2024 2:00 PM
‎Sep 25 2024 2:00 PM

We're running almost exclusively MR36s. We followed reference documentation to configure RADIUS for certificate-based authentication. 

 

On the backend, we're using a pair of NPS proxies. 

 

We're trying to save our users the effort of having to log in through a splash page, and while it's working the user base appreciates how seamlessly they connect. As soon as we upgrade to another firmware, though, no secret key. It's across multiple sites, though their SSID config is identical.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.