Meraki

BlakeRichardson · ‎Sep 22 2022

I am investigating Radius accounting proxy with MR as I am about to deploy a heap of access points. My understanding of Radius accounting via proxy means all accounting packets come from a single source i.e. Meraki clouds rather than directly from each access point.

This means opening up port forwarding from Meraki dashboard to the appliance that is handling these requests. This is not a problem however in the Meraki firewall information page the information shown for Radius accounting doesn't make sense to me.

I was expecting a public IP for a Meraki server but instead it shows the local IP of my security appliance.

Is this correct or have I misunderstood how this works?

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

Brash · ‎Sep 22 2022

You're spot on.

In fact, the below doc desribes exactly what you've said and shows an example of what the "firewall info" page should have (source being dashboard IP's, destination being public IP of RADIUS server)

RADIUS Proxy for WPA2-Enterprise SSIDs - Cisco Meraki

BlakeRichardson · ‎Sep 27 2022

@Brash I suspect only Radius authentication is supported via proxy and accounting information isn't.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

BlakeRichardson · ‎Sep 26 2022

Cheers, my firewall info page on my dashboard is wrong and doesn't show source IP's. I'll try the IP's listed in the documentation.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.