Meraki Client VPN OS Configuration

Meraki Client VPN OS Configuration


Group Shape To Image

This article outlines instructions to configure a client VPN connection on commonly used operating systems.

Learn more with these free online training courses on the Meraki Learning Hub:

• Implementing Remote Access with IPsec Client VPN

Sign in with your Cisco SSO or create a free account to start training.

Group Shape To Image

Android

Group Shape To Image

To configure an Android device to connect to the client VPN, see Connect to a virtual private network (VPN) on Android in Google Support.

The following VPN information is needed to complete the setup:

  1. Name: This can be anything you want to name the connection, for example, "Work VPN"
  2. Type: Select L2TP/IPSEC PSK
  3. Server address: Enter the hostname (for example: abcd.com) or the active WAN IP (for example: a.b.c.d)

◦ Hostname is preferred to improve reliability during WAN failover

◦ This information is located in the Meraki dashboard under Security & SD-WAN Monitor Appliance status

  1. IPSec pre-shared key: Enter the pre-shared key that admin created in Security & SD-WAN > Configure > Client

VPN

Group Shape To Image

Chrome OS

To configure a Chrome OS device to connect to client VPN, see Set up virtual private networks (VPNs) in Google Support.

The following VPN information is needed to complete the setup:

  1. Service name: This can be anything you want to name this connection, for example, "Work VPN"
  2. Provider type: Select L2TP/IPsec
  3. Server hostname: Enter the hostname (for example: abcd.com) or the active WAN IP (for example: a.b.c.d)

◦ Hostname is preferred to improve reliability during WAN failover

◦ This information is located in the Meraki dashboard under Security & SD-WAN Monitor Appliance status

  1. Authentication type: Select Pre-shared key
  2. Username: Credentials for connecting to VPN—if using Meraki authentication, this will be an email address
  3. Password: Credentials for connecting to VPN
  4. Pre-shared key: Enter the shared secret that admin created in Security & SD-WAN Configure Client VPN

Group Shape To Image

iOS

To configure an iOS device to connect to the client VPN, follow these steps:

  1. Navigate to Settings General VPN & Device Management VPN > Add VPN Configuration
  2. Type: Set to L2TP
  3. Description: This can be anything you want to name this connection, for example, "Work VPN"
  4. Server: Enter the hostname (for example: abcd.com) or the active WAN IP (for example: a.b.c.d)

◦ Hostname is preferred to improve reliability during WAN failover

◦ This information is located in the Meraki dashboard under Security & SD-WAN Monitor Appliance status

  1. Account: Enter the username
  2. Password: Enter if desired

◦ If the password is left blank, it will need to be entered each time the device attempts to connect to the client

VPN

  1. Secret: Enter the shared secret that admin created in Security & SD-WAN Configure Client VPN
  2. Ensure that Send All Traffic is set to on
  3. Save the configuration

Group Shape To Image

macOS

Group Shape To Image

To configure a macOS device to connect to client VPN, see Set up a VPN connection on Mac in Apple Support.

The following VPN information is needed:

  1. Display Name: This can be anything you want to name this connection, for example, "Work VPN"
  2. Server Address: Enter the hostname (for example: abcd.com) or the active WAN IP (for example: a.b.c.d)

◦ Hostname is preferred to improve reliability during WAN failover

◦ This information is located in the Meraki dashboard under Security & SD-WAN Monitor Appliance status

  1. Account Name: Enter the account name of the user (based on AD, RADIUS, or Meraki cloud authentication)
  2. Password: User password (based on AD, RADIUS or Meraki cloud authentication)
  3. Machine Authentication > Shared Secret: Enter the shared secret that admin created in Security & SD-WAN

Configure Client VPN

Group Shape To Image

Windows

To configure a Windows 10 or Windows 11 device to connect to client VPN, see Connect to a VPN in Windows in Microsoft Support.

Group Shape To Image

  1. VPN provider: Set to Windows (built-in)
  2. Connection name: This can be anything you want to name this connection, for example, "Work VPN"
  3. Server name or address: Enter the hostname (for example: abcd.com) or the active WAN IP (for example: a.b.c.d) ◦ Hostname is preferred to improve reliability during WAN failover

◦ This information is located in the Meraki dashboard under Security & SD-WAN Monitor Appliance status

  1. VPN type: Select L2TP/IPsec with pre-shared key
  2. User name and Password: optional

After the VPN connection has been created, set the Authentication protocols:

  1. Choose the VPN connection and then select Advanced options Adapter SettingsNote: Alternatively, run ncpa.cpl directly from Search or Command prompt to quickly access your VPN adapters.
  2. In the Security tab, select Require encryption (disconnect if sever declines) under Data encryption
  3. Under Authentication select Allow these protocols and select Unencrypted password (PAP)
  4. Verify that no other protocols are selected

Group Shape To Image

Linux

To configure a Red Hat Linux device to connect to client VPN, see Configuring a VPN connection in Red Hat Documentation.

To configure an Ubuntu Linux device to connect to client VPN, see Connect to a VPN in Ubuntu Documentation.

The following packages, and their dependencies, are minimum requirements for Linux:

  1. xl2tpd to implement L2TP
  2. strongswan or libreswan to implement IPSec

GUI management of the connection requires the network-manager-l2tp-gnome VPN plugin.

Group Shape To Image1

    • Related Articles

    • Best Practices for MiCollab 9 0 Android Client

      Keeping the Client Alive in the Background Android phones have a different architecture for handling background execution of applications, which evolves with every new Android version. Android processes applications running in the background and ...

    • How to Connect to UniFi Teleport VPN

      Overview UniFi Teleport VPN allows you to securely connect to your network from various devices, including desktops (Windows, macOS, Linux) and mobile devices (iOS, Android). This guide will walk you through the steps to connect to the VPN using the ...

    • MiVoice Business Console Operator Help

      Notices The information contained in this document is believed to be accurate in all respects but is not warranted by Mitel Networks Corporation (MITEL®).The information is subject to change without notice and should not be construed in any way as a ...

    • Managing Fax to Email and Email to Fax in SmartPBX

      Managing Fax to Email and Email to Fax in SmartPBX SmartPBX offers convenient features for managing fax to email and email to fax services. Fax to email allows you to receive incoming faxes as email attachments, while email to fax enables you to send ...

    • Enabling Click-to-Call (Windows)

      The click-to-call (or click-to-dial) feature lets you dial phone numbers by clicking specially formatted links on websites, CRM or other web or native applications. How does it work? It works by associating the SmartPBX desktop client (currently ...