Meraki

Community

switch access policy

jay_b
Getting noticed
‎Sep 13 2021 8:27 AM
‎Sep 13 2021 8:27 AM

switch access policy

We have OKTA Radius agent as our Radius server. I have been trying to use that as switch access policy but can't make it work. I am just tired with trying. Is there any other way to restrict switch port access with easy way ?

0 Kudos
10 Replies 10
Inderdeep
Kind of a big deal
Kind of a big deal
‎Sep 13 2021 10:52 AM
‎Sep 13 2021 10:52 AM

@jay_b : Check this out 

https://help.okta.com/en/prod/Content/Topics/integrations/cisco-meraki-radius-intg.htm

 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
0 Kudos
In response to Inderdeep
jay_b
Getting noticed
‎Sep 13 2021 11:48 AM
‎Sep 13 2021 11:48 AM

Hello @Inderdeep  Thanks for your response. This page looks like it is only for wireless not for switches or switchport.

0 Kudos
In response to jay_b
Inderdeep
Kind of a big deal
Kind of a big deal
‎Sep 13 2021 12:13 PM
‎Sep 13 2021 12:13 PM

@jay_b : Check this one as well 

https://community.meraki.com/t5/Switching/EAP-TTLS-or-PAP-for-Wired-Port-Security/td-p/88458

 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 13 2021 1:14 PM
‎Sep 13 2021 1:14 PM

I can't find a single guide on using Okta for wired 802.1x.  Even Google is slim on search results.

 

I would check if Okta even supports doing this with Okta.

0 Kudos
In response to PhilipDAth
jay_b
Getting noticed
‎Sep 13 2021 1:21 PM
‎Sep 13 2021 1:21 PM

@PhilipDAth  Sure will check with Okta. What are other options in case if Okta doesn't work.

0 Kudos
In response to jay_b
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 13 2021 1:23 PM
‎Sep 13 2021 1:23 PM

You can use the RADIUS server that comes with Windows (NPS).

https://documentation.meraki.com/MS/Access_Control/Configuring_802.1X_Access_Policies_on_MS_Switches... 

0 Kudos
In response to PhilipDAth
jay_b
Getting noticed
‎Sep 13 2021 1:26 PM
‎Sep 13 2021 1:26 PM

@PhilipDAth That would be something not possible because we are planning to stay away from on-premise and move more towards the cloud. 

0 Kudos
In response to jay_b
Inderdeep
Kind of a big deal
Kind of a big deal
‎Sep 14 2021 6:58 AM
‎Sep 14 2021 6:58 AM

@jay_b : Check with Jumpcloud for Radius authentication on cloud 

https://jumpcloud.com/blog/cisco-meraki-radius-as-a-service 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
0 Kudos
In response to Inderdeep
jay_b
Getting noticed
‎Sep 14 2021 7:21 AM
‎Sep 14 2021 7:21 AM

Hello, @Inderdeep  Thanks for your suggestion. I agree with you but we have Okta in place already and it would be a waste of money if we go with Jumpcloud. 

 

Is there any other way to restrict switch ports other than Radius ?

0 Kudos
In response to PhilipDAth
bit_transporter
Getting noticed
Friday
Friday

Hello sir,

 

I know this is an old post, but have you by chance seen any updates on this? We are looking at turning on wired 802.1x on our Meraki switches and sending RADIUS requests to Okta agent. Still having a tough time finding any documentation specifically about the wired clients. I am also wondering if the native Windows supplication is acceptable for sending credentials. Hitting a lot of speed bumps on this project. TIA if you have any advice. 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.