Hi 🙂 About docs, I already read and test all those you provide, but thanks anyway 🙂   Ensure that the entire certificate chain is trusted by FreeRADIUS. This includes the root CA and any intermediate CAs. => FreeRADIUS is configured with root CA + intermediate CA in its certs/ folder with individual files as mentionned in the doc. Once again, when I create a request from another server using eapol_test + my user or computer certificate, freeRADIUS trust it and validate it.   Make sure that FreeRADIUS can access the CRL to check for revoked certificates. Ensure that there are no firewall rules blocking RADIUS traffic between the Meraki AP and the FreeRADIUS server. => FreeRADIUS is on the same subnet and vlan where the PKI is hosted so there's no firewall blocking right here. Meraki AP can contact freeRADIUS (icmp or 1812) and reverse too.   Verify that the Windows 11 PC is correctly configured to use EAP-TLS with the machine certificate and that the certificate is correctly installed and trusted by the PC. => I double check my GPO and everything is fine too (cert is delivered by pki through auto-enrollment GPO)   I have no more ideas 😄 ... View more

Thanks, at the moment I already open a case this morning in parallel of this thread as sometimes we may have some good advices from community 🙂 ... View more