cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki VPN with AD authentication

Highlighted
Conversationalist

Meraki VPN with AD authentication

Hi,

 

We've setup a vpn for a client and it uses local credentials. The client decided to have AD authentication and use their AD accounts for VPN access. So on the Meraki it's set to "Active Directory" but every time our vpn client connects it shows us 691: error. Though I'm pretty sure username and password are correct. Below are the settings for the vpn client

 

L2TP/ipsec with pre-shared key

I checked unencrypted password (PAP) under authentication

 

Did I miss something which is causing this issue?

 

Thanks

Jeff

 

 

5 REPLIES 5
Highlighted
Head in the Cloud

Re: Meraki VPN with AD authentication

Hi Jeff

Hope you have installed certificate for TLS on your AD server.

 

Kindly refer to the following Url.

https://documentation.meraki.com/MX/Client_VPN/Troubleshooting_Client_VPN#Windows_Error_691

Regards
Ajit
ajitsnw@gmail.com
Highlighted
Conversationalist

Re: Meraki VPN with AD authentication

I did go to mmc > add a certificate

 

Anything I missed here?

 

Thanks

TECH-JEFF

Highlighted
Kind of a big deal

Re: Meraki VPN with AD authentication

Is there a specific reason you chose the ActiveDirectory option rather than using RADIUS via NPS? No certificate shenanigans to worry about with RADIUS via NPS. 

Highlighted
Conversationalist

Re: Meraki VPN with AD authentication

@Nash

 

It's a customer preference to use their AD accounts. 

 

TECH-JEFF

Highlighted
Kind of a big deal

Re: Meraki VPN with AD authentication

RADIUS via NPS uses the customer's Active Directory accounts. I've used this with a couple dozen clients now.

 

https://documentation.meraki.com/MX/Client_VPN/Configuring_RADIUS_Authentication_with_Client_VPN

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.