How to Enable RADIUS Authentication In Your Meraki Network - Video Version
How to Enable RADIUS Authentication In Your Meraki Network - Step by Step
Go to your Meraki Network Controller.
Click on “Wireless” on the left menu and Select “SSIDs”.
If you already have an existing network, click on “Edit settings” on the network you want to add RADIUS authentication to. If you don’t have a network, select “enabled” on the network you want to add RADIUS authentication to. (In this case, I am going to use the “Keytos Docs” network).
Next we are going to select “Enterprise with” in the “Security” menu and select “my RADIUS server” in the dropdown.
Scroll down to the “RADIUS” section. You can keep the default settings for all the other sections or change them to your liking.
Now click on the “Add Server” link.
In another Tab, go to your EZRADIUS dashboard and copy the “RADIUS Server IP” from the “Policies” page (You can repeat this step for the three IPs for higher availability).
From your Policy Details, Copy the “Shared Secret” you setup for this client IP Address (In this case, my IP address is 34.2.2.1)
Now we will go back to the Meraki Network Network Controller and paste the “RADIUS Server IP” in the “Host IP or FQDN” field.
In the “Port” field, enter “1812”.
In the “Secret” field, paste the “Shared Secret” you copied from EZRADIUS.
Click on “Done”.
If you want to add multiple IPs for higher availability, click on “Add a RADIUS server” and repeat the steps for the other two IPs.
If you want to enable Accounting (It gives you more information about each session such as data used, connection time, etc.), you can do so by adding the same IP addresses and Shared Secrets for Accounting Except the port is 1813 instead of 1812.
If you have setup your EZRADIUS with Filter-ID or VLANs, you can setup the filter ID or VLAN in their respective fields.
Scroll to the bottom and click on “Save Changes”.
How to test Wifi Certificate Authentication in Meraki Network
Now that we have setup the RADIUS authentication in your Meraki Network, we recommend manually testing the authentication to make sure everything is working as expected before dealing with Intune or any other MDM. If you are using EZCA, first you will want to enable self service certificates and manually create a certificate, once you have created the certificate and installed it in your user store, you can test the wifi authentication using the certificate.
How to Troubleshoot Certificate Authentication in EZRADIUS
The best way to troubleshoot certificate authentication in EZRADIUS is to check the logs. You can do this by going to the “Audit Logs” page in your EZRADIUS dashboard and filtering the logs by the user you are trying to authenticate. You can read more troubleshooting tips in our troubleshooting guide.
How to Connect Devices to Meraki Network with Entra ID Certificate Authentication
Now that you have setup your Meraki Network with RADIUS authentication, now you can distribute your certificates using Intune and automatically authenticate your users to the network. If you are not using certificates, you can follow this guide to setup your devices to authenticate with their Entra ID username and password.