Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
339
Views
0
Helpful
4
Replies

RADIUS SERVER CONFIG

pedro-tomo
Level 1
Level 1

‎03-28-2025 03:12 AM

Hi everyone, I have two radius servers connected to my  L3 switch on the same vlan, each radius authenticates users mapped to two different vlans, one for vlan 100 and other for vlan 200. The clients connect to both vlans via WIFI(Meraki APs), the dhcp pool of vlan 200 is on L3 and for the vlan 100 is on the windows server. I'm having a problem with dhcp on vlan 100, I'm getting the following error on meraki dashboard: "client made a request to the dhcp server but the dhcp server rejected the client's request" and I think it has something to do with the radius configuration on the L3. Please find attached my configuration regarding the radius and tell me how to redirect radius1 and radius2 traffic to the correct ports.

aaa new-model
!
!
aaa authentication login default local line enable
aaa authentication dot1x default group radius

.
.
.
ip radius source-interface VlanX!
!
!
radius server RADIUS1
 address ipv4 X.X.X.X auth-port 1812 acct-port 1813
 key *******
!
radius server RADIUS2
 address ipv4 X.X.X.X auth-port 1812 acct-port 1813
 key *******
!
interface GigabitEthernet1/0/13
description to RADIUS1
switchport mode access
switchport access vlanX
interface GigabitEthernet1/0/14
description to RADIUS2
switchport mode access
switchport access vlanX

 

 

Labels:
0 Helpful
4 Replies 4

marce1000
Hall of Fame
Hall of Fame

‎03-28-2025 04:14 AM

 

  - Advising to post the issue  in : https://community.meraki.com/t5/Wireless/bd-p/wireless-lan

    M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

pedro-tomo
Level 1
Level 1
In response to marce1000

‎03-31-2025 04:14 AM

Thank you

0 Helpful

Marth
Level 1
Level 1

‎03-29-2025 10:17 AM

@pedro-tomo wrote:

Hi everyone, I have two radius servers connected to my  L3 switch on the same vlan, each radius authenticates users mapped to two different vlans, one for vlan 100 and other for vlan 200. The clients connect to both vlans via WIFI(Meraki APs), the dhcp pool of vlan 200 is on L3 and for the vlan 100 is on the windows server. I'm having a problem with dhcp on vlan 100, I'm getting the following error on meraki dashboard: "client made a request to the dhcp server but the dhcp server rejected the client's request" and I think it has something to do with the radius configuration on the L3. Please find attached my configuration regarding the radius and tell me how to redirect radius1 and radius2 traffic to the correct ports.

aaa new-model
!
!
aaa authentication login default local line enable
aaa authentication dot1x default group radius

.
.
.
ip radius source-interface VlanX!
!
!
radius server RADIUS1
 address ipv4 X.X.X.X auth-port 1812 acct-port 1813
 key *******
!
radius server RADIUS2
 address ipv4 X.X.X.X auth-port 1812 acct-port 1813
 key *******
!
interface GigabitEthernet1/0/13
description to RADIUS1
switchport mode access
switchport access vlanX
interface GigabitEthernet1/0/14
description to RADIUS2
switchport mode access
switchport access vlanX

 

 

This suggests a misconfiguration between your RADIUS servers, VLAN assignments, and DHCP settings. First, ensure that your RADIUS servers are correctly configured to assign VLANs based on user authentication. This requires setting attributes like Tunnel-Type, Tunnel-Medium-Type, and Tunnel-Private-Group-ID to designate VLAN assignments properly. Additionally, verify that the switch ports connected to the Meraki APs are set to trunk mode, allowing multiple VLANs to pass through. This ensures that clients can be dynamically assigned to the correct VLAN.

Another crucial step is to confirm that the DHCP server for VLAN 100 is accessible and properly configured to distribute IP addresses to clients. Check for any IP conflicts or exhausted address pools, as these can prevent proper DHCP assignment. Additionally, review the VLAN tagging settings on your Meraki APs to ensure they align with your network’s VLAN assignments, as misconfigurations here can block clients from reaching the correct DHCP server. If conflict logging is enabled on your DHCP server, consider disabling it, as it can sometimes interfere with address assignment and lead to similar issues.

To resolve this problem, review and adjust the configurations mentioned above, and monitor the Meraki dashboard along with switch logs for any persistent errors.

0 Helpful

pedro-tomo
Level 1
Level 1
In response to Marth

‎03-31-2025 04:13 AM

Thank you for your options in order to solve this issue.
My connections to the Aps are trunk and my  address pools are not exhausted. And about the Radius misconfiguration can you give me an example with commands and details?

0 Helpful
Customers Also Viewed These Support Documents