Configure Cisco Meraki to interoperate with Okta via RADIUS

This guide details how to configure Cisco Meraki wireless access points to use the Okta RADIUS Server Agent and EAP-TTLS.. The following network diagram shows the flow between Meraki and several endpoints using Okta.

For details of the flow between Okta, the RADIUS agent and Cisco Meraki seeCisco Meraki RADIUS integration flow

This is an Early Access feature. To enable it, contact Okta Support.

Important Note


Contact Okta Support to have EAP-TTLS support enabled for your Okta org.


Before you begin

Before installing the Okta RADIUS Agent ensure that you have met these minimum requirements for network connectivity:

Source Destination Port/Protocol Description
Okta RADIUS Agent Okta Identity Cloud TCP/443
Configuration and authentication traffic
Client Gateway Okta RADIUS Agent UDP/1812 RADIUS (Default, may be changed in RADIUS app install and configuration) RADIUS traffic between the gateway (client) and the RADIUS Agent (server)

Supported factors

The following MFA Factors are supported:


MFA Factor Password Authentication Protocol
Extensible Authentication Protocol - Generic Token Card
Extensible Authentication Protocol - Tunneled Transport Layer Security
Okta Verify (TOTP and PUSH) Supported Supported Supported - as long as challenge is avoided.
For example:
MFA-only or password, MFA for TOTP.
Push can work with primary auth + MFA as the push challenge is sent out-of-band.
Voice Call Supported Supported Not supported
SMS Authentication Supported Supported Not supported
Google Authenticator Supported Supported Supported - as long as challenge is avoided.
For example MFA only or password, MFA.
Symantec VIP Supported Supported Supported
Security Question Supported Supported Not supported
Custom TOTP Authentication Supported Supported Not supported
Duo(Push, SMS and Passcode only) Supported Supported Supported (passcode, Push)
YubiKey Supported Supported Supported

RSA Token







Not supported



The U2F Security and Windows Hello MFA factors are not compatible with RADIUS-enabled implementations.
For additional information about the Radius apps refer to Configuring RADIUS applications in Okta.


Typical workflow



Download the RADIUS agent
Install the Okta RADIUS Agent.
  • Install either the Windows or Linux RADIUS agents as appropriate for your environment.
Configure application
Configure optional settings

Optional - Where supported configure RADIUS to return group information using vendor specific settings.

Configure gateway
Configure devices

Related topics