Meraki

GB7111 · ‎Sep 28 2017

We want the ability to integrate meraki with our AD so users can authenticate through VPN with their AD passwords. Looking at some of the Meraki provided instructions, I can only find documentation for installing a self signed certificate. There is a warning in the instructions that it's not recommended to install a self-signed cert in production. A CA is a more secure choice. However, I can't find any instructions on doing it through a CA.

I've installed the CA role on our DC and am ready to finish setup and create a cert. Are there any instructions on doing this? I started to walk through it but it starts asking questions on the type of hash, etc and I'm not sure what will be compatible with meraki.

thanks

ErikDavis · ‎Sep 28 2017

did you setup your certificate template to support this? https://documentation.meraki.com/zGeneral_Administration/Other_Topics/Certificate_Requirements_for_T...

Index=default | eval be = if(do = ”good” , ”great” , ”nothing”)

PhilipDAth · ‎Sep 28 2017

On each AD server:

Start/Run

Type in "mmc" and hit return

File/Add-Remove Snap In/Certficates/Add/Computer Account

Next/Finish/OK

Expand Certificates/Personal/Certificates

Right click on "Certificates", All Tasks, Request New Certificate, Next

If you have deployed a CA you should be able to choose "Active Directory Enrolment Policy".

Click Next. Select all the options available.

Click Enroll and you are about done.

MijanurRahman · ‎Sep 29 2017

Kudos for your post @PhilipDAth !

Meraki

Community

Setting up CA for VPN AD Sync

Setting up CA for VPN AD Sync