The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About mak2018
mak2018

mak2018

Here to help

Member since Apr 11, 2018

‎05-19-2022
Kudos given to
User Count
PhilipDAth
Kind of a big deal PhilipDAth
1
MRCUR
MRCUR
1
View All

Community Record

15
Posts
0
Kudos
0
Solutions

Badges

1st Birthday
First 5 Posts
Lift-Off View All
Latest Contributions by mak2018
  • Topics mak2018 has Participated In
  • Latest Contributions by mak2018

Re: API access admin only?

by mak2018 in Developers & APIs
‎05-18-2022 11:27 AM
‎05-18-2022 11:27 AM
Great thanks all! ... View more

API access admin only?

by mak2018 in Developers & APIs
‎05-18-2022 10:28 AM
‎05-18-2022 10:28 AM
Is there a way to limit API access to a read only account?  Just not clear after reading the documentation if API gets all admin access or you can limit via the user account access? ... View more

Windows10 clients not able to connect via Radius

by mak2018 in Wireless LAN
‎12-15-2021 06:16 AM
‎12-15-2021 06:16 AM
We have been using Meraki for years and all of a sudden last week Windows 10 clients weren't able to connect.  Auth would succeed on the Windows NPS server but on the client side they would get a message saying "Cant connect to this network" or something to that affect.  OSX clients can connect without issue.     Support team found that unchecking 'verify server certificate' allowed them connect.  So the ops team updated both certs and restarted NPS but still some users are getting the same message and unchecking that setting allows them to connect.     Does anyone have any idea what can be done on those Windows 10 clients to allow them to verify the cert and connect?  The cert is valid and the only think I can think of is something changed on those win10 clients that is preventing them installing or validating a new cert?  Note that we have always had a cert on the NPS server and this was never an issue until last week.  ... View more
Labels:
  • Labels:
  • Other
  • SSID

Re: Windows10 machines no longer able to connect

by mak2018 in Wireless LAN
‎05-05-2020 01:51 PM
‎05-05-2020 01:51 PM
Ok, cert was installed without the key which broke auth for win10 clients.  OSX and Android were able to auth without issue regardless of whether they key was installed on the NPS server.  Once the cert + key were reinstalled it started working (had to stop/start NPS).     Hopefully this helps someone in the future.   ... View more

Re: Windows10 machines no longer able to connect

by mak2018 in Wireless LAN
‎05-05-2020 11:14 AM
‎05-05-2020 11:14 AM
Thanks but I didnt install the cert, another team did so I can't say if it was installed right or wrong. But all of this would lead me to believe it is cert related. First link doesn't apply as we aren't using win7 clients, all win10 and OSX. Second link looks promising because when I look at the recently renewed/installed cert on the NPS server it has no KEY whereas the previous ones did. Checking with the team that manages that aspect right now. ... View more

Re: Windows10 machines no longer able to connect

by mak2018 in Wireless LAN
‎05-05-2020 11:08 AM
‎05-05-2020 11:08 AM
Password complexity didn't change and if it was that I would assume it would be across the board but it isn't.  Its just this single NPS server.  Same CA digicert.  The only thing we have seen in the packet captures showed some TLS mismatches between windows clients and the NPS server but even when enabling 1.2 which the Windows clients appear to be using it made no difference.     At my wits end here.   ... View more

Windows10 machines no longer able to connect

by mak2018 in Wireless LAN
‎05-05-2020 10:50 AM
‎05-05-2020 10:50 AM
have a strange issue.    Are primary NPS (2008R2) authenticating against AD has been working a long time.  The cert expired and that server was recently patched. Cert was renewed, installed and the policy updated to start using it.  Sometime between all of this (COVID-19 no one in the office to notice) Windows10 clients can no longer connect and the logs on the NPS server show the right clients/policy/etc.. but always deny access based on:       Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect.     If I test auth from the Meraki portal using that same u/p it works fine.  If I push auth to another radius server in our environment those Windows10 clients can connect without issue.  Obviously, different server, different cert but identical policies.  I have tired everything, recreating the policy. update the pres-hared key, disabling cert check on local clients, enabling TLS1.2 but nothing seems to matter.    Note OSX/Andorid have no issues connecting via the same policy/NPS server..Just seems to be windows 10 machines.     Does anyone have any ideas that can help me figure this out?    ... View more

Re: One SSID failing on NPS

by mak2018 in Wireless LAN
‎02-11-2019 08:13 AM
‎02-11-2019 08:13 AM
What do you want to know exactly? What settings are changed where?  I don't follow your question.  Like I said Win10 cannot create the profile by itself when a user attempts to connect for the first time.  It has to be created manually and that is the problem I am trying to solve.     FWIW I asked the help desk team for the settings they are using and will share them.      ... View more

Re: One SSID failing on NPS

by mak2018 in Wireless LAN
‎02-09-2019 01:01 PM
‎02-09-2019 01:01 PM
PEAP man and its from digicert or thawte IIRC.  Dont know the settings as I am not on the helpdesk but the fact remains something with Win10 and the NPS/CERT is causing an issue.  Manually creating the profile or pushing out via GPO doesn't solve the issue at hand, its just a workaround.  ... View more

Re: One SSID failing on NPS

by mak2018 in Wireless LAN
‎02-08-2019 12:50 PM
‎02-08-2019 12:50 PM
Nope because it doesn't even get far enough to create the profile automatically in Win10.  It just fails to connect without creating a profile.  Trying to make this work so no manual intervention is needed.   ... View more

One SSID failing on NPS

by mak2018 in Wireless LAN
‎02-08-2019 12:38 PM
‎02-08-2019 12:38 PM
We have our coporate SSID that seems to simply not work on Windows10 clients.  Help desk has to manually configure the profiles on Win10 boxes in order to allow them to connect.  We have tested this ad nausea and from what I gather when a win10 user attempts to connect and authentication is pushed to an NPS server using a wildcard certificate an error 16 is thrown on the NPS server.  But if I use the same u/p from the meraki portal to test authentication it works fine.    Reason Code: 16 Reason: Authentication failed due to a user credentials mismatch. Either the user name provided does not map to an existing user account or the password was incorrect. If we push AUTH to an NPS server using a cert that matches its name it works without issue.  OSX doesn't have this issue, just windows.     Has anyone seen this before?  ... View more

Re: NPS + Meraki accepting cert

by mak2018 in Wireless LAN
‎04-12-2018 11:41 AM
‎04-12-2018 11:41 AM
Yes and no, server name isn't but the domain is.  We use split dns my man. I am good now, just wanted to know what my options were.  Been using Meraki + NPS + public certs for a long time.  ... View more

Re: NPS + Meraki accepting cert

by mak2018 in Wireless LAN
‎04-12-2018 11:32 AM
‎04-12-2018 11:32 AM
Initially tried to use an existing wildcard (not the norm) but in the end just bought one with the server name itself. ... View more

Re: NPS + Meraki accepting cert

by mak2018 in Wireless LAN
‎04-12-2018 06:51 AM
‎04-12-2018 06:51 AM
Thanks guys.  ... View more

NPS + Meraki accepting cert

by mak2018 in Wireless LAN
‎04-11-2018 03:58 PM
‎04-11-2018 03:58 PM
Been using Meraki and NPS for sometime.  Usually get a digicert installed on the NPS and users need to accept the cert the first time when authenticating.  Is there a way to just allow them to authenticate and validate the cert without them having to accept it?  ... View more
Kudos given to
User Count
PhilipDAth
Kind of a big deal PhilipDAth
1
MRCUR
MRCUR
1
View All
Powered by Khoros
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Privacy Settings
  • Terms of Use
© 2023 Meraki