SSID EAP Override Configuration
Dashboard Location: Wireless > Configure > SSIDs > Access Control
Wireless EAP Authentication Parameter Management
Section titled “Wireless EAP Authentication Parameter Management”SSID EAP Override configuration in Meraki wireless networks provides administrators with comprehensive 802.1X authentication parameter control, enabling custom timeout values, retry limits, identity request handling, and EAPOL key exchange optimization. This functionality supports enterprise authentication requirements, network performance tuning, client connectivity optimization, and authentication reliability enhancement in challenging wireless environments. EAP Override is essential for optimizing 802.1X authentication performance, managing authentication timeouts, handling problematic client devices, and ensuring reliable enterprise wireless authentication across diverse client populations and network conditions.
Diagram
Section titled “Diagram”
Classes
Section titled “Classes”ssids (meraki.domains.organizations.networks.wireless)
Section titled “ssids (meraki.domains.organizations.networks.wireless)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| eap_override | Class | [eap_override] | No |
eap_override (meraki.domains.organizations.networks.wireless.ssids)
Section titled “eap_override (meraki.domains.organizations.networks.wireless.ssids)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| timeout | Integer | min: 1, max: 600 | No | |
| identity | Class | [identity] | No | |
| max_retries | Integer | min: 1, max: 5 | No | |
| eapol_key | Class | [eapol_key] | No |
identity (meraki.domains.organizations.networks.wireless.ssids.eap_override)
Section titled “identity (meraki.domains.organizations.networks.wireless.ssids.eap_override)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| retries | Integer | min: 1, max: 5 | No | |
| timeout | Integer | min: 1, max: 600 | No |
eapol_key (meraki.domains.organizations.networks.wireless.ssids.eap_override)
Section titled “eapol_key (meraki.domains.organizations.networks.wireless.ssids.eap_override)”| Name | Type | Constraint | Mandatory | Default Value |
|---|---|---|---|---|
| retries | Integer | min: 1, max: 5 | No | |
| timeout_in_ms | Integer | min: 1, max: 5000 | No |
Examples
Section titled “Examples”Example-1: The example below demonstrates SSID EAP override configuration.
The CORP SSID (SSID 0) has customized EAP override settings that define how authentication behaves under 802.1X. The overall EAP timeout is set to 10 seconds, with the identity phase allowing 3 retries and a 10-second timeout per attempt. The EAPOL key exchange allows 3 retries, with each timeout set to 500 milliseconds. The total number of authentication retries allowed is also limited to 3. These settings help fine-tune client authentication timing and reliability during the EAP handshake process.
meraki: domains: - name: !env domain administrator: name: !env org_admin organizations: - name: !env org networks: - name: !env network_name product_types: - appliance - switch - wireless - camera - sensor - cellularGateway wireless: ssids: - name: CORP ssid_number: "0" eap_override: timeout: 10 identity: retries: 3 timeout: 10 max_retries: 3 eapol_key: retries: 3 timeout_in_ms: 500