That is how I do it now, but would rather perform NAC and its management via the Meraki portal. It just seems more efficient and logical to be managed in a "networking portal", and I honestly loathe Microsoft NPS.    Cisco charging an arm and a leg for a glorified radius server that just checks the validity of a certificate and group membership to grant access is ridiculous.  ... View more

Lehacy per-use MFA is disabled.   We don't have a licence for Identity Protection, nor have we configured any policies using it. ... View more

Yes, and I did configure everything in Azure first, before doing anything in Meraki. Didn't make any difference. ... View more