Hi Guys, We need some advise as what are the best practices to integrate EAP-TLS or EAP based authentication for meraki MX 250. I reviewed the documentation so ISE integration using radius is straight forward. We would like to if EAP TLS option is automatically done by meraki or we need to manually add a cert on meraki end, also does ISE and Endpoint needs to have the same cert or it is not needed. What are the specific limitations in terms of use case for profiling and posturing as it only says limited. We will also add DUO MFA so not sure if EAP TLS would cause a problem as DUO only supports PEAP and MS CHAPv2 , from my understanding DUO would only communicate to AD for authentication of the user, are there any documents which explains entire workflow with ISE + DUO using Meraki VPN. Regards, Sam
... View more