Meraki

Community

Wifi clients disconnecting from internet but show connected to Wi-Fi ssid

SurajRumpal
Comes here often
‎Aug 17 2023 4:05 AM
‎Aug 17 2023 4:05 AM

Wifi clients disconnecting from internet but show connected to Wi-Fi ssid

Hi,

 

I have recently upgraded our sites Wi-Fi from MR33 to MR36. We have about 20 APs spread out. We have been having on-going issues where clients are getting disconnected from the internet but show connected to the Wi-Fi network. When looking at the logs all I see for the devices is the client successfully roamed from AP to AP. I also some times see in the logs that the DNS and DHCP server was not responding however clients are already connected beforehand and hardwire connections are not affected. 
I am running the latest version from Meraki. I know there is an on-going issue with firmware for Meraki for client balancing. We use radius authentication NPS on our SSID which clients connect to. 

any help would be greatly appreciated as since installing these back in January we have just experienced problems after problems.

0 Kudos
10 Replies 10
DarrenOC
Kind of a big deal
Kind of a big deal
‎Aug 17 2023 5:01 AM
‎Aug 17 2023 5:01 AM

Mate, it’s August, installing these back in January is pushing the boundaries of the word recently 😁

 

What other issues have you experienced or is the one described the only ongoing issue?

 

When you look at Wireless Health in your dashboard what is that telling you?  Are clients struggling to Authenticate or are the errors around DHCP and DNS?  Is this SSID specific or across all SSIDs?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
In response to DarrenOC
SurajRumpal
Comes here often
‎Aug 18 2023 9:28 AM
‎Aug 18 2023 9:28 AM

Ah should have made it clearer. Was installed back in January but problems started occurring in around April.

See photo of wireless health 

SurajRumpal_0-1692376007576.png

 

 

DHCP and DNS is done by routers on different vlans. All traffic is allowed on trunk ports on our Cisco switches. It seems to be most problematic on the SBC-Occupier SSID mainly.

0 Kudos
GreenMan
Meraki Employee All-Star Meraki Employee All-Star
Meraki Employee All-Star
‎Aug 17 2023 7:26 AM
‎Aug 17 2023 7:26 AM

AFAIK issues around client balancing relate to how many clients seem to handle 11v in strange ways.   Some client idisyncracies pre-date r29/11v too.  Did you try simply turning client balancing off, when running 29.x?   As Darren said;   staying on old firmware is pretty unsustainable, in the long-term.

0 Kudos
In response to GreenMan
SurajRumpal
Comes here often
‎Aug 18 2023 9:28 AM
‎Aug 18 2023 9:28 AM

tried turning of client balancing but never saw any difference 

0 Kudos
TBHPTL
Head in the Cloud
‎Aug 17 2023 12:38 PM
‎Aug 17 2023 12:38 PM

WiFi is layer 2, so if clients are connected to wireless AP they are associated  and authenticated plus has an IP, the issue is not the WiFi. They are being filtered somewhere. 

In response to TBHPTL
UKDanJones
Building a reputation
‎Aug 18 2023 1:54 AM
‎Aug 18 2023 1:54 AM

THIS

Please feel free to hit that kudos button
0 Kudos
In response to TBHPTL
SurajRumpal
Comes here often
‎Aug 18 2023 9:31 AM
‎Aug 18 2023 9:31 AM

unsure where else this would get filtered. Meraki connects into a Cisco switch on a VLAN for the customer networks. Our WAN switches have internet facing VLANS. the customer LAN VLAN is trunked across all the switches and allowed on the Meraki uplinks into our switches.

0 Kudos
In response to SurajRumpal
TBHPTL
Head in the Cloud
‎Aug 18 2023 2:16 PM
‎Aug 18 2023 2:16 PM

What type of authentication are the clients using if any?

How are the ports configure trunk or access?

How is the SSID configured, bridged or NAT?

 

Again, if your clients have IP's its not the WiFi...

0 Kudos
In response to TBHPTL
SurajRumpal
Comes here often
‎Aug 28 2023 2:57 AM
‎Aug 28 2023 2:57 AM

Authentication Method we are using is PEAP (EAP) via NPS role on server 2022 sitting in Azure VM.

Meraki access points uplink ports are configured as trunk ports with all traffic allowed. These are connected into Cisco SG350x 48p

SSID is configured with one Vlan from sonicwall. Then Cisco switches allow the vlans to communicate.

0 Kudos
SurajRumpal
Comes here often
‎Sep 6 2023 11:48 AM
‎Sep 6 2023 11:48 AM

Any update guys. Now have discovered that MacBooks are having trouble staying connected to the APs. Keep getting invalid mic, 4 way handshake timeout error and invalid authentication. devices are connecting via the radius authentication on NPS server 2022

0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.