This article will provide steps for setting up macOS devices to connect to a Cisco Meraki wireless network when using the EAP-TTLS protocol.

• RADIUS
• Cisco Meraki wireless network

When connecting to the Cisco Meraki Wireless network, the device must be configured to send the appropriate authentication request. Otherwise, it will result in a failed login with a malformed packet error.

Setting up the wireless network for the macOS devices requires Apple Configuration 2 for a profile to be created and deployed on the devices.

1. In Apple Configurator 2, go to File > New Profile.
2. In the General section, set the Name and Identifier values.

3. Go to the Certificates section and click Configure.

4. Upload the certificate that will be deployed on the macOS devices and the intermediate certificate.

5. Go to the Wi-Fi section and configure the following fields:
   1. SSID: the desired SSID
   2. Security Type: WPA2 Enterprise (iOS 8 or later, except Apple TV)
   3. Accepted EAP Types: TTLS
   4. Inner Authentication: PAP

NOTE: Enterprise Settings options do not appear until after the Security Type is selected. Under Enterprise Settings, select the Trust tab and select the checkbox for the certificate authority.

6. Save the Wi-Fi profile.

• • Go to File > Save.
  • When the dialog appears with a warning that the profile requires user input when installed on a device, click Save Anyway if it is desired for the user to input their username and password. Otherwise, add the username and password.

7. After the profile is created, the .mobileconfig file is created. This file must be deployed on the macOS device.
8. Open the WiFi Profile .mobileconfig file, and click Continue for the two dialog boxes.
9. In the Enterprise Network dialog, enter the Okta credentials if they were not provided in the WiFi profile, and click Install.
10. Enter the local machine admin credentials in the dialog and click OK.
11. The Wi-Fi profile is now installed on the client's machine.