- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
RADIUS server authenticating some users, others randomly losing access
Hey there, I'm having a really strange issue with my RADIUS server in my enterprise. 2 Days ago, my laptop stopped responding to our office wireless, then another engineer in the IT dept had the same issue. Just had someone from sales express the same issue.
Checking in the Meraki logs, I get the issue posted below.
It looks like it's not being able to respond to requests. We thought it might be a wireless driver issue, and had updated both of them, with no luck. Any ideas?
- Labels:
-
Other
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Also, I believe it's strictly a RADIUS issue. We've got multiple access points that operate off of Meraki, but they all show 802.1X deauthentication issues
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Out of curiosity what OS are the (two?) affected devices running, if Windows what release specifically as well e.g. W11 22H2. Any patching performed on the RADIUS server host?
Seems odd that it would just happen out of the blue if all those clients were previously working!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Local_goat ,
I've experienced it a feel time ago, and I resolved It, increasing the server timeout value on my SSID.
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Giving this a shot right now
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No luck unfortunately.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have you noticed any message error on Radius Log Server?
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Also, you can test It putting your machine at the same network that your APs are, and test it with NTradping.
https://community.microfocus.com/img/oes/w/oes_tips/9928/ntradping-1-5-radius-test-utility
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is it possible to test It with Ntraping as I suggested?
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can certainly give it a shot right now
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
first off that's an incredibly helpful tool. Secondly, I had gotten no response from the server. Which to me is insane, as the Screenbeams have to reach out to it to actually come back online.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Cool IT Fun fact: Scans work better when you actually have the ability to run them on your network.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think it says the radius server did not respond. So you would need to check if the radius server responds to a request, and if that packet makes it back to the AP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Novice question, how could I monitor that?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
https://documentation.meraki.com/MR/Encryption_and_Authentication/RADIUS_Issue_Resolution_Guide
Would first check the radius log if it gets the request and send back a response. You could additional run a packet capture on the radius server.
From the meraki dashboard you can also take packet captures on the AP. To see if it receives the response from the radius server https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Packet_Capture_Overvi...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It was my previous suggestion 😅
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you so much for that suggestion, I ran a packet capture, and had unplugged a Screenbeam in the office, which I know would reach out to the RADIUS server once it starts up, and it had been working before the issue started. I've got my packet capture set for wireless, and all access points. However, my Wireshark outputs are blank when I filter for RADIUS, and I ensured that I had the secret key in the settings. Is there something I'm goofing up on my end?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Try capture the lan interfaces. Radius is between the ap ip and the radius server ip.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Would I be able to do that in the Meraki tool, or should I do some configuring in wireshark?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Looks like the radius server is sending an Access:Reject result
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It's probably because you didn't configure your IP address in your Radius client. What is the result if you test It on your SSID? Like that:
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You can monitor with a network monitor system, like Zabbix.
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'll see if I can't give that a shot right now, I'll set a box up with Ubuntu to get it going
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
UPDATE: So, this issue has actually been something related to Credential Guard. The newest Windows Update automatically enables this feature, and we've fallen down a rabbit hole with our computer certificates and how to work with them. It's still ongoing, hopefully we'll be able to get this finished off.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Windows 11 22H2? I was reading about that the other day if so. Are you running the Enterprise version?