Configure Meraki WiFi 802.1X Authentication Using Windows NPS.

We always recommend companies looking to implement, upgrade, or secure their Wireless networks to implement 802.1X authentication. Deploying 802.1X increases the level of security in the network by requiring certificate-based authentication methods that are more secure than password-based authentication, also known as Preshared-key (PSK) authentication. 802.1X is an IEEE standard for port-based Network Access Control that provides authentication mechanisms to devices and users in a LAN and WLAN. It allows you to ensure that LAN users are authenticated before connecting to the network or obtaining an IP address from the DHCP server.

As stated earlier, 802.1X is an IEEE standard, and as such, it’s a technology that can be implemented by any technical company as long as they adhere to it. Meraki switches and access points are 802.1X capable devices that can serve as the Authenticator in an 802.1X deployment; in other words, they can be configured to be the link between the clients and the authentication server.

The 802.1X Wireless configuration is relatively simple on the Meraki side. The bulk of the work is done on the Radius server side as Radius servers have different versions, and each implementation is unique. Microsoft’s Network Policy Server (NPS) is one of the most widely used Radius server versions. Microsoft’s NPS is a server role that provides many network connectivity solutions in a corporate environment, including Network Access Protection (NAP), Central network policy manager, and 802.1X authenticated wired and wireless devices.