I don't think anyone has mentioned the impact of the "RADIUS Proxy" setting on the Access Control Configuration page. If you do not use RADIUS Proxy, I believe the RADIUS messages will originate from the management interface of each access point. If you do use RADIUS Proxy, the messages will originate from Meraki cloud as indicated on the firewall info page. In one of my networks where I use RADIUS proxy, the firewall info page shows a line for port 1812 where the source IP contains three networks (two /24 and one /20). The destination IP shows the addresses of my two RADIUS servers. When I did the initial setup, I added the three Meraki-provided CIDR ranges as allowed clients in my RADIUS configuration.
... View more