This article describes how to configure your Windows 8 computer to connect to a Meraki Access Point (AP) for Wi-Fi using your OneLogin credentials.

Certificates

Chain of trust

Every SSL certificate is issued under a root certificate. Root certificates are self-signed certificates by a reputable CA like Sectigo and are included in the trusted root store used by a browser or on the OS. Between a root certificate and an SSL certificate, one or more intermediate certificates are present. Together, they provide a complete chain of trust to the root certificate. By using intermediate certificates, the root certificate itself doesn't need to sign a certificate. An SSL certificate is signed by an intermediate and the intermediate by the root certificate.

To install certificates, follow the instructions below.

Install the RADIUS certificate and intermediate DigiCertCA certificate

Important: RADIUS Certificates are renewed on a yearly basis. You can find the most recent certificate file locations here.

The process for other Windows versions may differ. For example, if your organization uses Windows Server, you can create Wireless policies using Group Policy settings and deploy wireless profiles to network machines using the Group Policy. If you do choose to deploy a wireless profile this way, it must include:

• The SSID of your Meraki AP
• The OneLogin RADIUS certificate and intermediate CA certificate (trusted in the profile) that are listed above in the New RADIUS Certificates section.
  
• A security type of WPA2-Enterprise
• An authentication scheme of EAP-TTLS/PAP or EAP-PEAP/MSCHAPv2

Prerequisites

Configure a Meraki Access Point (AP) to use OneLogin as a RADIUS server

Configure Windows 8 to connect to a Meraki Access Point using OneLogin 

1. Go to Network and Sharing Center.

   Click Set up a new connection or network.

   

2. Select Manually connect to a wireless network.

   

3. Configure the following options:

   Network name: Enter your Meraki SSID

   Security Type: WPA2-Enterprise

   

4. On the next screen, click Change connection settings.

   

5. Configure or confirm the following values:

   Security type: WPA2-Enterprise

   Encryption type: AES

   Choose a network authentication method: Microsoft: EAP-TTLS

   

6. Click the Settings button to open the TTLS Properties dialog, and confirm that Select a non-EAP method for authentication is selected and set to Unencrypted password (PAP).

   

7. Select the Meraki SSID from your list of Wi-Fi networks, then click Connect.

   

8. Enter your OneLogin username and password, then click OK.

   

9. Click Connect to continue connecting…

   

10. You are now connected to your Meraki Wi-Fi.

    

Delete a Wi-Fi profile in Windows 8

Follow the instructions outlined in Delete Wi-Fi profile to delete a Wi-Fi profile.