This article will provide steps on how to set up Windows devices to connect to a Cisco Meraki wireless network when using the EAP-TTLS protocol.

• RADIUS
• Okta Identity Engine (OIE)

1. Navigate to Settings > Network & Internet > Network and Sharing Center and select to set up a new network connection.

2. Select the option to manually connect to a wireless network.

3. Enter the Wifi SSID name and the security type as WPA2-Enterprise.

4. After adding the WiFi configuration, they must change the connection settings.

5. In the Security Tab, choose Microsoft EAP-TTLS as the authentication method. 

6. Click settings and select:

   1.  PAP as the non-EAP method for authentication

   2. Enable identity privacy and set it to anonymous

   3. Select the root certificate used to sign the customer EAP-TTLS server certificate in the Trusted Root Certification Authorities section ( the root certificate)

7. In the Wireless Network properties Security tab ( Step 5) select Advanced settings 

   1. Check Specify authentication mode.

   2. Select User authentication.

   3. Click Save credentials (optional).

   4. Provides user credentials (optional).

   5. Click OK.

Related References

• Configuring EAP-TTLS + PAP Authentication on Windows 8 and 10
• Configure wireless clients for Cisco Meraki
• Cisco Meraki RADIUS integration flow
• Add the Cisco Meraki Wireless app