Meraki

Community

802.1x Wired connection with EAP-TLS authentication

Dror
Just browsing
‎Jan 29 2024 8:44 AM
‎Jan 29 2024 8:44 AM

802.1x Wired connection with EAP-TLS authentication

Hi all,

 

so after a long time I was finally able to authenticate devices via Access policy in Meraki MS225 +NPS server in order to authenticate computers with Domain Computers group and certificate. But the thing is,its working only with 'Smart Card or other certificate (EAP-TLS)' authentication method, and I also had to change some more inner additional settings.

The default NIC configuration is EAP(PEAP), and it's not working with this method.

Now, if I want to apply the policy for all computers, it doesn't make sense that I need to go each computer and set it manually..

How can I change the NIC configurations for all computer organizations? Couldnt see something like this in GPO.

 

Thanks in advance,

 

Dror

 

0 Kudos
6 Replies 6
KH
Meraki Employee
Meraki Employee
‎Jan 29 2024 8:48 AM
‎Jan 29 2024 8:48 AM

This question is likely better suited for the vendor of your client machines, Typically would be pushed via GPO however if you don't see one you might have to implement a PowerShell script or similar and push it to all the devices that way.

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it
0 Kudos
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jan 29 2024 8:53 AM
‎Jan 29 2024 8:53 AM

Maybe it will help you: https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
Dror
Just browsing
‎Jan 29 2024 9:05 AM
‎Jan 29 2024 9:05 AM

thanks but the link seems to be broken

0 Kudos
In response to Dror
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jan 29 2024 9:08 AM
‎Jan 29 2024 9:08 AM

Try it again please.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
Dror
Just browsing
‎Jan 29 2024 10:38 AM
‎Jan 29 2024 10:38 AM

Man, you made my day! thats exactly what ive needed. 

I could edit and deploy the Wired network policies from GPO for all computers. works after reboot,

 

Thanks!!

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 29 2024 12:25 PM
‎Jan 29 2024 12:25 PM

A couple of tips.

 

You need a group policy for workstations to do two things:
* Enabled the Wired AutoConfig service
* Configure the authentication to match what you are using in NPS.

 

You wont be able to get it to work without setting the above two.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.