Meraki setup for RadSec

🚧

You must use Meraki Firmware 31.1.1 or later. 30.6 has a known bug whereby RadSec will not attempt a connection

Foxpass RadSec allows a RADIUS connection via TLS for an additional layer of security. This setup guide will help you configure Meraki equipment with Foxpass RadSec.

Configure Meraki

1. Download RadSec Server CA from the Foxpass RadSec page.

2. In the Meraki dashboard, go to Organization --> Certificates

3. In the top right section, click "Upload CA certificate" and upload the RadSec server CA downloaded in Step 1.

4. In the bottom right section, click the “Download CA” button. (If the "Download CA" button isn't there, chose "Generate CA" (this might take a while) and then choose "Trust".)

4. Go to Foxpass RadSec page now. Click "Upload Customer Client CA" button.

6. Upload the Meraki CA downloaded in Step 4.

Configure SSID for RadSec

Go to Wireless > Configure > Access control. For your SSID:

• SSID (name) - Your SSID name
• SSID status - Enabled
• Enterprise with - my RADIUS server

• Wi-Fi Personal Network (WPN) - Disabled

• WPA encryption - WPA2 only

• 802.11w - Disabled

• Mandatory DHCP - Disabled

• For RADIUS servers:

  1. Host IP - radius.foxpass.com
  2. Port - 2083
  3. Secret - 'radsec' (it’s always ‘radsec’)
  4. Check box under RadSec.
  5. Do not press the 'Test' button. It doesn't support RadSec.
  6. Click Done.

• Now connect to your SSID.

• You can see successful/unsuccessful logs on the radius logs page.