Client VPN with Radius Server

Solved
Patrik73
Getting noticed

Meraki keeps haunting me.
 
I am trying to set up Client VPN with a Windows Server 2019 NPS server.
I have followed the guide at
 
My Meraki is on another site from my AD.
They are connected via Site 2 Site non Meraki VPN.
It works fine and all traffic flows from Meraki to AD-site.
 
My Meraki can ping the Radius-server from default source.
 
I have opened all ports on the Radius-server, inbound and outbound (just for test).
 
I have checked the shared secret and even changed it to something simple like 12345, and the same in the Meraki Dashboard.
 
I have run sc sidtype IAS unrestricted on the Radius-server and rebooted.
 
I have deleted the file %windir%\system32\ias\ias.xml and rebuilt the settings in NPS.
 
I have checked Allow on Network Access Permission on the test user's AD account and tried to check Control access through NPS Network Policy.
 
I have created a completely new user in my AD just to be sure that nothing "old" is making the error.
 
I have checked the Attribute msRADIUSServiceType so it is empty.
 
I have tried to connect with VPN from my Samsung phone with only data traffic enabled, and not wifi.
 
I have activated logging on the Radius server firewall for dropped connections, nothing is dropped.
 
I have activated Audit Policy logging (Account logon events and Logon events) on my Radius server, but the security log shows no logging at all about failed connections.
 
I have tried different formats for the username: domainname.local\username, domainname\username, username@domainname.com and just username.
 
I have tried multiple different accounts.
 
I have probably tried a number of other things as well, but with no success at all.
 
The error I get is Error 691.
 
Meraki Cloud Authentication and AD authentication work.
 
I'm not sure what else I can try now.
 
Maybe I should try to install NPS on an old Server 2012 R2 just to make sure there is nothing strange with the 2019 server.
5 Replies
alemabrahao
Kind of a big deal

Have you created a server certificate for the NPS?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
alemabrahao
Kind of a big deal

Have you checked the NPS logs?

Patrik73
Getting noticed

Meraki states that you don't need a certificate for Radius-server with VPN.

The NPS-logs are empty.

But it looks like it works fine when I removed CLIENTVPN from NPS.
Thanks!

alemabrahao
Kind of a big deal

Note: Some versions of Windows Server require that the CallingStationID is omitted. If you are unable to establish connectivity, remove the CallingStationID and leave the field blank.

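As an added illustration, not code from this thread, from Meraki or from Microsoft: a small Python model of the RADIUS exchange behind the accepted answer. It builds an RFC 2865 Access-Request (the shared secret 12345 and the address 203.0.113.10 are constructed values) and shows why a policy condition on Calling-Station-Id can never match when the request carries no such attribute, so the user is rejected; the policy evaluator is a hypothetical model, not NPS internals.

```python
import hashlib
import os
import struct

# RADIUS constants from RFC 2865: packet code and attribute type numbers.
ACCESS_REQUEST = 1
USER_NAME, USER_PASSWORD, CALLING_STATION_ID = 1, 2, 31


def user_password_xor(data: bytes, secret: bytes, authenticator: bytes, decrypt: bool = False) -> bytes:
    """RFC 2865 5.2 User-Password hiding: XOR each 16-byte block with MD5(secret + previous ciphertext block)."""
    out, prev = b"", authenticator  # the first block is chained to the Request Authenticator
    for i in range(0, len(data), 16):
        block = data[i:i + 16]
        key = hashlib.md5(secret + prev).digest()
        out += bytes(a ^ b for a, b in zip(block, key))
        prev = block if decrypt else out[-16:]
    return out


def build_access_request(username: str, password: str, secret: bytes,
                         calling_station_id=None, identifier: int = 1) -> bytes:
    """Build an Access-Request; attribute 31 is only present when the NAS supplies a Calling-Station-Id."""
    authenticator = os.urandom(16)
    pw = password.encode()
    attrs = [(USER_NAME, username.encode()),
             (USER_PASSWORD, user_password_xor(pw + b"\x00" * (-len(pw) % 16), secret, authenticator))]
    if calling_station_id is not None:
        attrs.append((CALLING_STATION_ID, calling_station_id.encode()))
    body = b"".join(struct.pack("!BB", t, len(v) + 2) + v for t, v in attrs)
    return struct.pack("!BBH", ACCESS_REQUEST, identifier, 20 + len(body)) + authenticator + body


def parse_attributes(packet: bytes) -> dict:
    """Walk the TLV attribute list that follows the 20-byte RADIUS header."""
    attrs, pos = {}, 20
    while pos + 2 <= len(packet):
        attr_type, length = packet[pos], packet[pos + 1]
        attrs.setdefault(attr_type, []).append(packet[pos + 2:pos + length])
        pos += length
    return attrs


def policy_matches(attrs: dict, conditions: dict) -> bool:
    """Hypothetical all-conditions-must-match policy: a condition on an attribute the request never carries cannot be satisfied."""
    return all(expected.encode() in attrs.get(attr_type, []) for attr_type, expected in conditions.items())


def nas_without_csid_is_rejected(secret: bytes = b"12345") -> bool:
    """Constructed case: no Calling-Station-Id in the request fails with the condition set, passes once it is removed."""
    attrs = parse_attributes(build_access_request("testuser", "s3cret", secret))
    return not policy_matches(attrs, {CALLING_STATION_ID: "203.0.113.10"}) and policy_matches(attrs, {})
```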
Patrik73
Getting noticed

Thank you!
I was pretty sure I had tried that, but apparently not.

It works fine when I removed CallingStationID.

You are a champ.

Now even Azure MFA works with User VPN.
