Hi MRCUR and Philip,   I only read the L3 roaming description which appears at the Meraki dashboard, which only explains it is used to roam between APs, but it doesn't indicates "APs in differents VLANs". I have checked the Meraki documentation and there does explain L3 Roaming is used to roam between APs in different VLANs     Since I can make the wireless VLAN available at all the APs as you said, then I will choose Bridge mode and tagging with the appropiate VLAN. Thanks very much for your help.   Regards, Julián ... View more

Hi MRCUR,   Yeah, that's right and thanks for your help.   Regards, Julián ... View more

Hi Markus,   I have just exported the NPS configuration of the primary RADIUS server and imported to the secondary RADIUS server. I have deleted the primary RADIUS server in the dashboard and the authentication is still unsuccessful. The NPS log is the same I sent you. Do you guess something?   Regards, Julián ... View more

Hi Philip,   You are right, but that the client can attach to an AP which receives weaker signal from is also true. This is my case right now and therefore my laptop browsing speed is lower. In my case it makes no sense since in my office we have 4 APs and we are around 35 people. What was stated by MRCUR is also true.   Regards, Julián ... View more

Hi MRCUR,   Good information! Thanks!   Regards, Julián ... View more

Hi,   I find an option in Meraki which I think it has to do with roaming directly, which is the "Client balancing" feature. When I enable this feature I can see some logs like this:     The AP rejects the association according to load balance, even if the client is receiving stronger signal from this AP. So I don't know how good is to enable this feature, especially for environments with few clients.   Regards, Julián     ... View more

Hi Markus and Adam,   One more question about that. I have delete the primary RADIUS server under Wireless > Access control > RADIUS servers and left the secondary server and try to authenticate, it was unsuccessful. Is this correct? If I authenticate with only one RADIUS server (the secondary) and get EAP failure is it due to previous RADIUS synchronization problem?   Regards, Julián ... View more

Hi Markus,   OK, I understand, I will try it. Thank you very much!   Regards, Julián ... View more

Hi Markus,   I don't understand, what do you mean?   Regards, Julián ... View more

Hi guys,   Just in case, do you know how difficult is the synchronization of RADIUS servers? Because I have googled out and seen that a PowerShell script is needed. If it is very difficult I will tell customer to implement it.   Regards, Julián ... View more

Hi Adam,   Thanks for that recommendation, I will test it.   Regards, Julián ... View more

Hi Markus,   I don't know very much about servers, I have to check the detail configuration with customer. So far I know there are two Windows Servers with AD, in each Windows Server I have aggregated the RADIUS role, Microsoft NPS. I know each Windows Server has its own AD, but I don't know if they are in the same cluster or not (I guess so because customer told me the configurations in both ADs are replicated automatically, but I don't know if that has to do with AD clusters or not).   Regards, Julián ... View more

Yes, that's the reason for which I didn't consider Adaptative 802.11r.   Regards, Julian ... View more

Hi Philip,   That's makes a lot of sense. I will comment this with customer.   Regards, Julián ... View more

Hi MerakiDave,   I am not a starter at 802.11 though I am in the Meraki world.    For starters, consider running the SRC (Stable Release Candidate) firmware 25.9 if you're not already.  You could check with Meraki Support first to scrub your config and confirm 25.9 is a good choice, just in case there's a known issue specific to your environment or AP models.   The APs are updated to firmware 25.9.   Newer clients that support 802.11k, 11v, 11r (all of which are there in r25 firmware) can leverage neighbor reports to interact with APs to make optimal roaming decisions, and APs can assist with client balancing, but still, it's the client who makes the decision and initiates the roam.   I could enable 802.11r but according to Meraki some clients may not be able to join the network, so I think is better to not enable it to avoid compatibility problems with some clients.     And implement standard best practices, like setting minimum bit rates to 12Mbps (for example), using automatic power reduction, band steering to favor 5GHz, minimizing the number of SSIDs, using an appropriate channel width, including DFS channels if appropriate, etc.    I have implemented most of the above.   And I completely agree that the device which makes the decision to roam is always the client and not the APs, although we can make adjustments to favor the roaming as you said.   By the way, very great explanation! 🙂   Regards, Julián ... View more

Hi ww,   I have set the minimum bit rate to 12 Mbps. I will try with the driver settings.   Thanks very much, Julián ... View more

Hi Adam,   Just to say I have confirmed my problem was an account without full privileges as you said. After using another one with full privileges I saw the Organization option and was able to delete the accounts. Thank you very much.   Regards, Julián ... View more

Hi Adam,   That should be the reason. I will check.   Many thanks, Julián ... View more

Hi Adam,   You are right. I am sorry but I am very new with Meraki, this is what I see:     How can I go to Organization?   Regards, Julián ... View more

Hi,   Yeah, according to my switch ports that's correct.   Regards, Julián ... View more

Hi,   It is weird, I can see some interfaces with an arrow and some without, and all of them are in forwarding state:     Regards, Julián ... View more