Meraki setup for RadSec
Setting up a Meraki equipment to work with Foxpass RadSec
You must use Meraki Firmware 31.1.1 or later. 30.6 has a known bug whereby RadSec will not attempt a connection
Foxpass RadSec allows a RADIUS connection via TLS for an additional layer of security. This setup guide will help you configure Meraki equipment with Foxpass RadSec.
Configure Meraki
- Download RadSec Server CA from the Foxpass RadSec page.
- In the Meraki dashboard, go to Organization --> Certificates
- In the top right section, click "Upload CA certificate" and upload the RadSec server CA downloaded in Step 1.
- In the bottom right section, click the “Download CA” button. (If the "Download CA" button isn't there, chose "Generate CA" (this might take a while) and then choose "Trust".)
- Go to Foxpass RadSec page now. Click "Upload Customer Client CA" button.
- Upload the Meraki CA downloaded in Step 4.
Configure SSID for RadSec
Go to Wireless > Configure > Access control. For your SSID:
- SSID (name) - Your SSID name
- SSID status - Enabled
- Enterprise with - my RADIUS server
-
Wi-Fi Personal Network (WPN) - Disabled
-
WPA encryption - WPA2 only
-
802.11w - Disabled
-
Mandatory DHCP - Disabled
-
For RADIUS servers:
- Host IP - radius.foxpass.com
- Port - 2083
- Secret - 'radsec' (it’s always ‘radsec’)
- Check box under RadSec.
- Do not press the 'Test' button. It doesn't support RadSec.
- Click Done.
- Now connect to your SSID.
- You can see successful/unsuccessful logs on the radius logs page.
Updated 4 months ago