Meraki

Community

Reauthentication in EAP (EAP-TLS or PEAP-MSChapv2)

alextsang010778
Here to help
‎Feb 24 2023 11:09 PM
‎Feb 24 2023 11:09 PM

Reauthentication in EAP (EAP-TLS or PEAP-MSChapv2)

Hi all

 

In Wired dot1x, we can configure the reauthentication timer in the suppliant to reauthentication after a certain period of time, so anyone know if we can do the same in Meraki in Wireless AP with dot1x authentication? Say reauthenticate the WIFI client running EAP-TLS every 24 hours?

 

Best regards

 

Alex

0 Kudos
6 Replies 6
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 25 2023 2:20 AM
‎Feb 25 2023 2:20 AM

Once the Wireless network is saved in the device, the credentials are saved, with no need for reauthentication.

The timer itself is something that is configured on the Radius server, but it is more common to apply on the wired network, I have never seen it work on wireless networks, usually, when reauthentication is required for an X period of time it is more common to use authentication via captive portal.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
alextsang010778
Here to help
‎Feb 25 2023 7:18 AM
‎Feb 25 2023 7:18 AM

Other WIFI manufacture implemented reauthentication timer, so the AP will perform reauthentication to the client when timer expired. So we would like to know if Meraki also has this timer? or it has a default reauthentication timer?

0 Kudos
In response to alextsang010778
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 25 2023 7:46 AM
‎Feb 25 2023 7:46 AM

You can find EAP timers on advanced Radius settings, but it does not have a reauthentication timer.

 

alemabrahao_0-1677339933709.png

 

 
 
 

 

 
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
alextsang010778
Here to help
‎Feb 25 2023 8:13 PM
‎Feb 25 2023 8:13 PM

I checked already, but no luck, so want to see any expert here know to configure the reauthentication timer or any default value of the reauthentication in Meraki.

0 Kudos
In response to alextsang010778
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 26 2023 3:37 AM
‎Feb 26 2023 3:37 AM

Unfortunately, It's not possible buddy. This is I'm trying to say.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alextsang010778
alemabrahao
Kind of a big deal
Kind of a big deal
‎Feb 26 2023 3:43 AM
‎Feb 26 2023 3:43 AM

 

maybe using CoA is an option. Take a look at the article.

 

https://documentation.meraki.com/MR/Encryption_and_Authentication/Change_of_Authorization_with_RADIU...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.