Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1651
Views
5
Helpful
4
Replies

Access Manager Authentication Error - EAP TLS

lfneves
Frequent Visitor
Frequent Visitor

‎09-11-2025 11:19 AM

Hi everyone,
I'm facing an issue with authentication configured in Access Manager. Random devices are unable to complete authentication using the unique attribute (machine certificate).
The environment is successfully synchronized with Radius in Azure. I validated and re-synced.

The certificate in Meraki matches the certificate on the end device.
I see the error below in the Meraki dashboard:

image.png

There have been no recent changes to the environment.
Has anyone else experienced this same issue?

Thankyou.

Labels:
0 Helpful
4 Replies 4

aleabrahao
Meraki Community All-Star
Meraki Community All-Star

‎09-11-2025 11:28 AM

I have a few suggestions for you.

Check the Meraki event logs for timestamps and compare them with the RADIUS logs.
Run a packet capture on the Meraki access point to verify that the RADIUS request was sent and a response was received.
Validate the certificate chain on the client and RADIUS server.
Test with a different device or certificate to isolate the issue.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Philip D'Ath
Meraki Community All-Star
Meraki Community All-Star

‎09-11-2025 01:02 PM

What are you using RADIUS if you are using EAP-TLS and Access Manager? Access Manager can directly authenticate users with certificates.

https://documentation.meraki.com/Access_Manager/Access_Manager_Configuration_Guides/Access_Manager_Certificate_Based_Authentication_-_EAP-TLS_with_Entra_ID_Lookup

lfneves
Frequent Visitor
Frequent Visitor

‎09-12-2025 08:41 AM

Hello everyone,


We tried all the recommendations suggested above. We created a new GPO and a new certificate. We re-synced the Meraki cloud and Azure cloud, but without success.
I opened a TAC, and after reviewing it with the engineer, a global issue was identified in Access Manager.

After automatic correction last night, the environment is currently stable.

I appreciate everyone's willingness to support this issue.


Thank you.

aleabrahao
Meraki Community All-Star
Meraki Community All-Star
In response to lfneves

‎09-12-2025 08:56 AM

Nada melhor que o bom e velho TAC hehehe.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card