Radius accounting proxy

BlakeRichardson
Kind of a big deal
Kind of a big deal

Radius accounting proxy

I am investigating Radius accounting proxy with MR as I am about to deploy a heap of access points. My understanding of Radius accounting via proxy means all accounting packets come from a single source i.e. Meraki clouds rather than directly from each access point.

 

This means opening up port forwarding from Meraki dashboard to the appliance that is handling these requests. This is not a problem however in the Meraki firewall information page the information shown for Radius accounting doesn't make sense to me.

 

I was expecting a public IP for a Meraki server but instead it shows the local IP of my security appliance.

 

Screen Shot 2022-09-23 at 3.51.19 PM.png

 

Is this correct or have I misunderstood how this works?

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
3 Replies 3
Brash
Kind of a big deal
Kind of a big deal

You're spot on.

In fact, the below doc desribes exactly what you've said and shows an example of what the "firewall info" page should have (source being dashboard IP's, destination being public IP of RADIUS server)

RADIUS Proxy for WPA2-Enterprise SSIDs - Cisco Meraki

BlakeRichardson
Kind of a big deal
Kind of a big deal

@Brash  I suspect only Radius authentication is supported via proxy and accounting information isn't. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
BlakeRichardson
Kind of a big deal
Kind of a big deal

Cheers, my firewall info page on my dashboard is wrong and doesn't show source IP's. I'll try the IP's listed in the documentation. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels