This article describes how to configure your Windows 8 computer to connect to a Meraki Access Point (AP) for Wi-Fi using your OneLogin credentials.
Chain of trust
Every SSL certificate is issued under a root certificate. Root certificates are self-signed certificates by a reputable CA like Sectigo and are included in the trusted root store used by a browser or on the OS. Between a root certificate and an SSL certificate, one or more intermediate certificates are present. Together, they provide a complete chain of trust to the root certificate. By using intermediate certificates, the root certificate itself doesn't need to sign a certificate. An SSL certificate is signed by an intermediate and the intermediate by the root certificate.
To install certificates, follow the instructions below.
Install the RADIUS certificate and intermediate DigiCertCA certificate
Important: RADIUS Certificates are renewed on a yearly basis. You can find the most recent certificate file locations here.
The process for other Windows versions may differ. For example, if your organization uses Windows Server, you can create Wireless policies using Group Policy settings and deploy wireless profiles to network machines using the Group Policy. If you do choose to deploy a wireless profile this way, it must include:
- The SSID of your Meraki AP
- The OneLogin RADIUS certificate and intermediate CA certificate (trusted in the profile) that are listed above in the New RADIUS Certificates section.
- A security type of WPA2-Enterprise
- An authentication scheme of EAP-TTLS/PAP or EAP-PEAP/MSCHAPv2
Configure a Meraki Access Point (AP) to use OneLogin as a RADIUS server
Configure Windows 8 to connect to a Meraki Access Point using OneLogin
Go to Network and Sharing Center.
Click Set up a new connection or network.
Select Manually connect to a wireless network.
Configure the following options:
Network name: Enter your Meraki SSID
Security Type: WPA2-Enterprise
On the next screen, click Change connection settings.
Configure or confirm the following values:
Security type: WPA2-Enterprise
Encryption type: AES
Choose a network authentication method: Microsoft: EAP-TTLS
Click the Settings button to open the TTLS Properties dialog, and confirm that Select a non-EAP method for authentication is selected and set to Unencrypted password (PAP).
Select the Meraki SSID from your list of Wi-Fi networks, then click Connect.
Enter your OneLogin username and password, then click OK.
Click Connect to continue connecting…
You are now connected to your Meraki Wi-Fi.
Delete a Wi-Fi profile in Windows 8
Follow the instructions outlined in Delete Wi-Fi profile to delete a Wi-Fi profile.