Windows 10

Currently only the following authentication mechanisms are supported:

  • User authentication: Active Directory (AD), RADIUS, or Meraki hosted authentication.
  • Machine authentication: Preshared keys (a.k.a., shared secret).

When using Meraki hosted authentication, VPN account/user name setting on client devices (e.g., PC or Mac) is the user email address entered in the Dashboard.


Open Start Menu > Search "VPN" > Click Change virtual private networks (VPN)


From the VPN settings page, click Add a VPN connection.


In the Add a VPN connection dialog:

  • VPN provider: Set to Windows (built-in)
  • Connection name: This can be anything you want to name this connection, for example, "Work VPN."
  • Server name or address: Enter the hostname (e.g. .com) or the active WAN IP (e.g. XXX.XXX.XXX)Hostname is encouraged instead of active WAN IP  because it is more reliable in cases of WAN failover. Admin can find them in Dashboard, under Security appliance > Monitor > Appliance status.
  • VPN type: Select L2TP/IPsec with pre-shared key
  • User name and Password: optional

Press Save.



After the VPN connection has been created, click Change adapter options under Related settings.



Right-click on the VPN Connection from the list of adapters and click Properties.



In the Security tab, select "Require encryption (disconnect if sever declines)" under Data encryption.
Then, select "Allow these protocols" under Authentication. From the list of protocols, check "Unencrypted password (PAP)", and uncheck all other options.
Click on "Advanced settings"

Despite the name "Unencrypted PAP", the client's password is sent encrypted over an IPsec tunnel between the client device and the MX. The password is fully secure and never sent in clear text over either the WAN or the LAN.



In Advanced Properties dialog box, choose "Use preshared key for authentication" and enter the pre-shared key that admin created in Security appliance > Configure > Client VPN settings.



Back at the Network Connections window, right-click on the VPN connection and click Connect / Disconnect.



Find your VPN profile and click Connect.



Enter your user name and password.
Click OK.