Just started playing with dot1x and dot1x authentication on Meraki APs. I have several questions. Authentication using an external RADIUS server works. Is there a default time period before the user is prompted to authenticate again? It seems the only way that we can force the user to reauthenticate is when the user deletes the SSID and re-joins.   Does the per user VLAN tagging using a RADIUS group policy attribute really work?   Looking at the do1x logging, we see numerous RADIUS response, 802.1X EAP success, 802.1X authentication event types for each client that seem to come at random time intervals. Are these message related to the client going through sleep/wake cycles?   If we change the user password on the RADIUS server, should the user be prompted to re-authenticate? That doesn't seem to happen.    Where, how are the credentials caches so authentication is not required each join you connect to the SSID?   Thanks in advance for any help. ... View more