Meraki

Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki VPN with AD authentication

TECH-JEFF
Here to help
‎Jun 15 2019 1:45 PM
‎Jun 15 2019 1:45 PM

Meraki VPN with AD authentication

Hi,

 

We've setup a vpn for a client and it uses local credentials. The client decided to have AD authentication and use their AD accounts for VPN access. So on the Meraki it's set to "Active Directory" but every time our vpn client connects it shows us 691: error. Though I'm pretty sure username and password are correct. Below are the settings for the vpn client

 

L2TP/ipsec with pre-shared key

I checked unencrypted password (PAP) under authentication

 

Did I miss something which is causing this issue?

 

Thanks

Jeff

 

 

5 Replies 5
AjitKumar
Head in the Cloud
‎Jun 15 2019 3:45 PM
‎Jun 15 2019 3:45 PM

Hi Jeff

Hope you have installed certificate for TLS on your AD server.

 

Kindly refer to the following Url.

https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_691

Regards,
Ajit
AjitsNW@gmail.com
www.ajit.network
0 Kudos
In response to AjitKumar
TECH-JEFF
Here to help
‎Jun 15 2019 4:19 PM
‎Jun 15 2019 4:19 PM

I did go to mmc > add a certificate

 

Anything I missed here?

 

Thanks

TECH-JEFF

0 Kudos
Nash
Kind of a big deal
‎Jun 17 2019 6:38 AM
‎Jun 17 2019 6:38 AM

Is there a specific reason you chose the ActiveDirectory option rather than using RADIUS via NPS? No certificate shenanigans to worry about with RADIUS via NPS. 

Windows 10 Client VPN scripts: Makes life better!
0 Kudos
In response to Nash
TECH-JEFF
Here to help
‎Jun 17 2019 10:44 AM
‎Jun 17 2019 10:44 AM

@Nash

 

It's a customer preference to use their AD accounts. 

 

TECH-JEFF

0 Kudos
In response to TECH-JEFF
Nash
Kind of a big deal
‎Jun 17 2019 11:13 AM
‎Jun 17 2019 11:13 AM

RADIUS via NPS uses the customer's Active Directory accounts. I've used this with a couple dozen clients now.

 

https://documentation.meraki.com/MX/Client_VPN/Configuring_RADIUS_Authentication_with_Client_VPN

Windows 10 Client VPN scripts: Makes life better!
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.