Setting up Meraki RADIUS with Foxpass
Most Foxpass customers use wireless access products by Cisco's Meraki. You are in good hands.
The Meraki setup is very straight-forward.
1. Set your Foxpass password
In Foxpass, go to the "Password" settings page and enter a password.
2. Create a "RADIUS Client" entry on Foxpass
Visit this page: https://console.foxpass.com/settings/radius/. Create a RADIUS client for this site's public IP address. Note the secret that was generated.
Then click on the "RADIUS Servers" tab on that page and note our RADIUS IP addresses (EAP-TTLS at the top, EAP-TLS at the bottom) and the "secret" that was created for that entry.
3. Create a test SSID
In your Meraki dashboard, create a new SSID called (e.g.) "Foxpass Test"
4. Choose WPA2-Enterprise
Be sure to set up both of our RADIUS IP address, as one or the other may be down for maintenance.
Don't forget to put in your RADIUS secret; it will be the same for both entries.
5. Don't push the test button!
This is very counter-intuitive. But even when the RADIUS servers are set up properly, the "Test" button on the Meraki Dashboard will not work.
If you want to know why, see down below.
6. Set up your client
If you have a Mac, go to this page: https://console.foxpass.com/settings/wifi/. Create an entry for (e.g.) "Foxpass Test", download the config file and install it. To configure other operating systems for TTLS-PAP, please see the "RADIUS clients" section to the left.
7. Try it out
Connect to your new network, and enter your username and password.
Why the test button doesn't work.
Here's why: Foxpass uses the most secure version of RADIUS that is available. That is called EAP-TTLS-PAP, which encapsulates login information inside of an SSL connection.
The "Test" button does not support EAP-TTLS-PAP, and instead assumes a less secure protocol. This doesn't matter, though, because ultimately the authentication conversation happens between a user's phone / laptop and the RADIUS server directly (the Access Point merely connects the two).
Android, Linux, Windows 8, and Windows 10 all support TTLS-PAP natively.
macOS and iOS will support TTLS-PAP with the addition of a config file, which Foxpass will generate for you.
Windows 7 is not supported, but will probably work if the computer has the Intel wireless chipset and Intel drivers installed.
Updated 4 months ago