Systems Manager Sentry VPN security for Windows 10 client asking for username/password

Austin
Here to help

Systems Manager Sentry VPN security for Windows 10 client asking for username/password

Hello, I have read this and this page to configure the Meraki Systems Manager Sentry VPN to automatically push a VPN configuration to my devices. The second link states the following:

 

When using Systems Manager Sentry VPN security, the username and password used to connect to the client VPN are generated by the Meraki cloud.

Usernames are generated based on a hash of a unique identifier on the device and the username of that device. Passwords are randomly generated.

 

The automatic username and password work fine on my iOS and macOS devices--they are not prompted for authentication when connecting to the VPN.

However, my Windows 10 devices are prompted for a username and password when connecting to this VPN network. Any idea how I can fix this?

5 REPLIES 5
SoCalRacer
Kind of a big deal

This could be a security setting being forced on the Windows 10 devices.

 

Launch rasphone.exe from the endpoint. Select the VPN connection profile and click Properties. On the options tab is Remember my credentials checked?

Slobs2
Getting noticed

I am having the same issue. I tried @SoCalRacer 's suggestion and it did not work. DId you find a solution?

Hello @Slobs2. I did not try @SoCalRacer's suggestion because I've been migrating to our SSO provider to authenticate the VPN user instead. Sorry I don't have a better answer for you.

Hello @Austin  , very interested to know how does the SSO provider to authenticate the VPN user work, and which SSO provider you used?

I was so hopeful, but didn't read the fine print. I was able to set up SSO, but it's only for my administrators' access to the Meraki Dashboard. When I last looked this up, this SSO was not tied into the Client VPNs users authentication. Seems like there are 2 or 3 different types of users for 2 or 3 different types of capabilities in Meraki. Hopefully these converge and we can use SSO for the Client VPN soon. Sorry to get your hopes up.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels