Meraki

Rakesh_Kumar · ‎Apr 14 2023

I am looking to Automation of end user authentication to Meraki Wi-Fi. We don't have local radius and AD hence can integrated with any of these.

I am considering Meraki SM, using SMagent to enroll windows PC and automate the Wi-Fi authentication to SSID but my concern are , Is this secure to use Smagent to enroll PC and Wi-Fi connection to SSID.

can anyone advice pls ?

KarstenI · ‎Apr 15 2023

The Meraki Authentication uses EAP-TLS which is considered one of the most secure methods available. One drawback is that it’s only supported on wireless and not for 802.1X on the switch ports. If you want to extend the authentication to the switches you need a RADIUS server.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

PaulF · ‎Apr 17 2023

Hi Rakesh

One of the key benefits of using both Systems Manager and MR is the Sentry capability:

https://documentation.meraki.com/SM/Deployment_Guides/Systems_Manager_Sentry_Overview

This allows you to leverage certificates for authentication, that are delivered securely to devices (in fact, the private key for the cert stays on the device itself). Instead of you having to build and maintain both RADIUS and Certificate Authority infrastructure, Meraki Dashboard does this for you

If a device is removed from manage, we also remove the entry in RADIUS, resulting in the device not being able to authenticate against the network. And because the cert is bound to MDM, it means that if the device is unenrolled, then the certificate is removed also

The documentation should be self explanatory, but if you've any questions, let us know.

Meraki

Community

End users WiFi Authentication - Meraki SM

End users WiFi Authentication - Meraki SM