Home > Wireless LAN > Encryption and Authentication > Configuring Clients for 802.1X and Meraki Authentication

Configuring Clients for 802.1X and Meraki Authentication

Windows 10

The following steps will configure a Windows 10 client to use 802.1X with Meraki Authentication (NOTE:  these are instructions for the 802.1X with Meraki Authentication only.  Customer-based RADIUS server configuration requirements are specific to the customer's own RADIUS server and can vary widely):

  1. Click the "Start" menu
  2. Navigate to Settings (Gear Icon) > Network & Internet > Wi-Fi > Manage Known Networks
  3. Click 'Network and Sharing Center'
  4. Select 'Set up a new connection or network'
  5. Select 'Manually connect to a wireless network'
  6. Enter the SSID name in the 'Network name:' field
  7. Select 'WPA2-Enterprise' in the 'Security type:' drop down
  8. Select your encryption type from the 'Encryption type' drop down
  9. Click 'Next'
  10. When 'Successfully added' appears click 'Change connection settings'
  11. Select the 'Security' tab
  12. Click the 'Advanced settings' button
  13. On the '802.1X settings' tab, check the box 'Specify authentication mode' and choose 'User Authentication' from the drop down
  14. Click 'OK'
  15. Back on the 'Security' tab, make sure 'Choose a network authentication method' is set to 'EAP (PEAP)' and then click the 'Settings' button
  16. Click 'OK'
  17. For 'Protected EAP Properties' uncheck 'Validate server certificate' or if you choose to validate server certificate make sure 'Go Daddy Class 2 Certification Authority' and/or 'http://valicert.com' is checked in the 'Trusted Root Certification Authorities' list.
  18. Click the 'Configure' button
  19. Uncheck 'Automatically use my Windows logon name'
  20. Click 'OK' to close all the open dialog boxes

Apple macOS

The following steps will configure a macOS client to use 802.1X with Meraki Authentication (NOTE:  these are instructions for the 802.1X with Meraki Authentication only.  Customer-based RADIUS server configuration requirements are specific to the customer's own RADIUS server and can vary widely):

  1. Go to System Preferences => Network => AirPort => Advanced => 802.1X
  2. Click the "+" button in the lower left corner of the screen to add a new user profile
  3. Enter your user name and password given to you by your network administrator into the fields to the right.
  4. Select your network from the drop down list of menus
  5. Make sure TTLS and PEAP checkboxes are selected
  6. Click "OK"
  7. You should now be able to connect to the network.

Android

The following steps will configure an Android client to use 802.1X with Meraki Authentication (NOTE: these are instructions for the 802.1X with Meraki Authentication only.  Customer-based RADIUS server configuration requirements are specific to the customer's own RADIUS server and can vary widely):

  1. Go to Settings > Wi-Fi
  2. Open the options menu by clicking the context menu button: context_menu_android.png 

Note: This step may vary by device, or on tablets. The Add Wi-Fi option may not be hidden behind a context menu.

  1. Select Add Wi-Fi
  2. Enter the Network SSID name and choose 802.1X EAP from the Security drop-down menu
  3. Choose PEAP from the EAP method drop-down menu
  4. Choose MSCHAPV2 from the Phase 2 authentication drop-down menu
  5. Enter the domain and username in the Identity field. Use the domain/username format
  6. Enter the password for the corresponding username in the password field
  7. Optionally, check the Show Password check-box to verify that the password was entered correctly
  8. Press Save in order to save the changes

Windows 8

Unlike previous versions of the OS, Windows 8 will not attempt to automatically use local credentials for wireless connections. As such, associating with an 802.1X-protected SSID consists of simply connecting to the network, as outlined below:

  1. Navigate to the Desktop.
  2. Select the wireless network icon on the lower-right hand of the screen.
  3. Select the intended SSID on the right.
  4. Check/uncheck the Connect automatically option as intended, and press Connect.
  5. Enter the email address and password of the Meraki RADIUS user, in the User name and Password fields respectively.
  6. Select Connect.
  7. If prompted about a certificate warning, select Connect again.
Last modified

Tags

Classifications

This page has no classifications.

Explore the Product

Click to Learn More

Article ID

ID: 2115

Explore Meraki

You can find out more about Cisco Meraki on our main site, including information on products, contacting sales and finding a vendor.

Explore Meraki

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can keep track of the latest announcements, find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community