That is how I do it now, but would rather perform NAC and its management via the Meraki portal. It just seems more efficient and logical to be managed in a "networking portal", and I honestly loathe Microsoft NPS.    Cisco charging an arm and a leg for a glorified radius server that just checks the validity of a certificate and group membership to grant access is ridiculous.  ... View more

I got a quote for Access Manager, and the pricing is ridiculous. The fact that I have to pay the amount of money they quoted me so I can securely do NAC on their hardware is ridiculous.  ... View more

I got a quote for Access Manager, and the pricing is ridiculous. The fact that I have to pay the amount of money they quoted me so I can securely do NAC on their hardware is ridiculous.  ... View more

Here we are in 2026 on firmware version 17.2.2 and there is still no reboot stack option for the MS250  ... View more

I am working through this myself as there is no documentation on how to do this with a Windows CA. But what I have come up with so far is.   You have to setup user certificate auto enrollment. Take special note of how you manually configure the Wifi connection and configure your GPO accordingly. https://documentation.meraki.com/Access_Manager/Access_Manager_Configuration_Guides/Access_Manager_-_EAP-TLS_Client_Configuration_(Windows%2C_macOS_and_iOS)   I have gotten it to work with an endpoint certificate, and I am now working on the user part with Entra.  ... View more

Yeah I have IPv6 disabled, which was confusing. Thank you! ... View more