Hello
I am having issues with the radius.
Mr 33
a recent
Version in use: MR 28.7.1.
The customers are unable to connect to the network
The test proves that the Meraki AP's are successfully able to reach the RADIUS server and (I'm fairly sure) that they are authorized to send RADIUS requests.
However it doesn't validate that the client can successfully authenticate.
What do your authentication policies look like on the RADIUS server? What are you using to identify and authorize clients? (Eg, computer name, username, certificates)
Have you checked the logs on the Radius server?
Hi I checked the radisus server .
I get this message
Perfect, you need to install AD CS.
There are many server options available for RADIUS, which should work with MR access points if configured correctly. Please refer to your RADIUS server documentation for specifics, but the key requirements for WPA2-Enterprise with Meraki are as follows:
Once the RADIUS server is configured, refer to the Dashboard Configuration section below for instructions on how to add your RADIUS server to Dashboard.
What do you mean with AD CS?
active directory certificate server. For 802.1x It's necessary to have a server certificate.
It's an old article but take a look at Install and Configure the Microsoft Windows 2008 Server as a CA Server
When I built the cA, did I need to install it on the PC for the users ?
If you are using PEAP It is not necessary, just for EAP-TLS.
You can download this document and follow the steps.
One question more . There is any way to access wothout a CA . A user are able to connect 8021x only with AD domain ? I belive MS CHAP it is possible ?
Nope, to use 802.1x It's required a server certificate from a Certificate Authority (CA). The client does not have to validate It, but on the server, I have to install a certificate.
On Cisco WLC I know that is possible to use LDAP to 802.1x, but on Meraki, I think that is not possible.
Thanks crack
Hi i am watching this video the guy dosen’t set up a server certificate from a Certificate Authority (CA).
802.1x needs a server certificate. I'm 100% sure of that. In this video he is configuring a policy in NPS, probably AD CS has been installed.
trust me 802.1x doesn't work without a server certificate.
Protected EAP (PEAP) – it uses inner and outer authentication. Nevertheless, the Authentication Server (AS) presents a digital certificate to authenticate itself with the supplicant in the outer authentication.