Skip to main content
Cisco Meraki

Eduroam Authentication Integration with MR Access Points

Eduroam is a worldwide roaming service to allow students, researchers and staff from participating institutions to seamlessly roam on the networks of other participating member campuses.  Cisco Meraki is fully compatible with this form of authentication.  The client will connect to the MR using 802.1x RADIUS authentication.  The RADIUS authentication request will be sent from the MR to a local Eduroam federation-level RADIUS server.  The RADIUS server will then forward the request to the clients home institution for authentication.  

2cb96b4f-c585-4574-8525-bd590fdff76e

In this example, the local Eduroam federation-level RADIUS server, will have an IP address of 10.50.2.7.  The MR's will need to be defined on the RADIUS server as RADIUS clients (consult RADIUS server documentation to complete this step).  In the Dashboard, from Configure > Access control, select the SSID that Eduroam users will use to connect.  Make sure to select WPA2-Enterprise with my RADIUS server under Association requirements.

d19c4ded-9efd-4483-ab16-2eca80f7b9e5

Next, add the Eduroam federation-level RADIUS server under RADIUS servers.  The IP address, RADIUS port (1812 is the RFC standard port number), and shared secret of the Eduroam proxy server will need to be defined.

The Test button can be used to confirm that the MR is able to authenticate against the RADIUS server.  Once the test is successful Eduroam clients should be able to connect to the Eduroam SSID.

  • Was this article helpful?