Radius setup behavior with SSIDs

chiatt
Here to help

Radius setup behavior with SSIDs

I'm having some trouble getting radius authentication going on a test AP.  This is for a Meraki MR46.

 

Clients fail connection and there are no entries for them in the NPS server logs. I did a wireshark capture and realize there is NO traffic to/from the radius server and the Meraki AP. If I do a ping to the radius server from the AP dashboard I get a response and the traffic shows in wireshark. But if I do a "test" on the radius setup in the SSID there is no traffic being presented from the AP to the server.

 

I'm expecting to see some type of traffic for a test but nothing?

5 Replies 5
BlakeRichardson
Kind of a big deal
Kind of a big deal

Is there an upstream firewall between the MR and the NPS server. Check that the appropriate ports are open on the NPS servers firewall. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
chiatt
Here to help

I thought of that after disconnecting and was going to check for other security apps that might be causing an issue. AP is local to the server. Windows firewall is disabled on server. I did not look for third party applications on the server to see if something was blocking radius traffic from the AP.

 

There are Aruba APs that are working fine on radius on same switch.

 

I was just expecting at least some type of traffic on wireshark at the server NIC. I get it on the ping, just not the radius test.

BlakeRichardson
Kind of a big deal
Kind of a big deal

Have you followed these guides?

 

https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_...

 

 

https://documentation.meraki.com/MR/Encryption_and_Authentication/RADIUS_Issue_Resolution_Guide

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
PhilipDAth
Kind of a big deal
Kind of a big deal

 

Double-check the RADIUS configuration in the dashboard. Make sure the IP address for the RADIUS server is correct and not mistyped.

chiatt
Here to help

Everything is working and it looks like Andy had the right answer at the link below. Reboot the server. In our case it was restart Sophos security they had running on the server. There were no alerts or blocks indicated on the logs and the firewall was off but something unknown was blocking the radius request. Once we shut down and restarted Sophos, the radius requests immediately popped up in wireshark and the clients started to connect on the test AP.

 

 

https://community.meraki.com/t5/Wireless/Radius-Connection-Issue/m-p/4772/highlight/true#M852

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels