802.1X with Meraki Certificates / MDM Sentry / MS Host modes

BorisT
Conversationalist

802.1X with Meraki Certificates / MDM Sentry / MS Host modes

Hello all, I wanted to get a better understanding how this works :

 

https://documentation.meraki.com/MS/Access_Control/MS_Switch_Access_Policies_(802.1X)

 

On  WIFI it’s obviously pretty easy now to set up a SSID that does automatic 802.1X authentication for any device on any OS  that is enrolled in meraki MDM (and place self-enrollment behind a login users don’t have) and a separate SSID for guest users.

All of our desktops/mobile  are in the Meraki MDM.

 

I was hoping to do the same thing on (at least) some subset of our LAN ports

 

  • Allow ethernet devices enrolled in our MDM to have access and restrict anything else (mac and pc!)

 

Or more ideally:

 

  • Allow ethernet devices enrolled in our MDM to have access and dump anything else on a guest vlan (Mac and pc!)

 

       I don’t have meraki switches yet nor do I plan to invest in cisco ISE at the moment.

 

       If I hang a MS switch off non meraki switching would I be able to use the sentry/802.1x capability on a specific VLAN  (and perhaps be able to use the “guest’ vlan) with single host mode? When looking at settings on a test dashboard network this seems to be the case?

 

 

Looking at capabilities, in *THEORY* the same thing is possible if running the relevant ports through something like a MR30H ? Or perhaps via one of the MX appliances?

 

Depending on the scenario/cost we could probably directly wire the ports in question directly

 

(edit, an old thread with screenshot of the wifi network I would like to duplicate: https://community.meraki.com/t5/Security-SD-WAN/Meraki-Wifi-style-Sentry-802-1x-on-wired-LAN/m-p/518... )

 

thanks 

 

 

1 REPLY 1
aws_architect
Building a reputation

Hello

 

Any date for support of sentry 802.1X with Meraki certificate deployed by EMM on Meraki switches ?

For their prices, the level of functions need to be improved IMO.

 

 

Thank you

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels