Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2461
Views
0
Helpful
1
Replies

Meraki WAP COA Failures

jmartin@mooresvillenc.gov
Level 1
Level 1

‎04-20-2020 11:32 AM

I have a Meraki WAP that is generating alarms in ISE for COA Failure and the event is 5417 Dynamic Authorization Failed. The Access Point is connected to a Catalyst 3850 running IOS-XE 16.6.4a and we are running version 2.6.0.156 Patch 3 of ISE. The WAP is configured in ISE as a Network Device. 

 

The interface on the switch is configured as follows:

interface GigabitEthernet3/0/45
description Cisco Wireless AP Reference
switchport trunk native vlan 254
switchport mode trunk
switchport nonegotiate
spanning-tree portfast
service-policy input AutoQos-4.0-CiscoPhone-Input-Policy
service-policy output AutoQos-4.0-Output-Policy
end

Labels:
0 Helpful
1 Reply 1

Colby LeMaire
VIP Alumni
VIP Alumni

‎04-20-2020 01:10 PM

Do you have other Meraki WAP's that are authenticating to ISE and NOT throwing this same error?  Are they part of the same deployment, managed by the same cloud interface?  It sounds like the WAP is not configured to allow CoA from ISE.  Double check your Meraki cloud configuration to ensure CoA is enabled and that you have all of your ISE PSN's listed as Radius servers.  Also, UDP 1700 (CoA) should be allowed from ISE to the WAP and in return as well.

0 Helpful
Customers Also Viewed These Support Documents