Meraki Local Authentication - MR 802.1X

Comes here often

Meraki Local Authentication - MR 802.1X

I've been reading this article


Which says that Meraki MR Local Auth can authenticate user certificates but I need to know if it can authenticate Machine certificates in the same way?


I'm trying to remove the requirement for a RADIUS server, which this looks like it does by running RADIUS locally on the MR.



Kind of a big deal
Kind of a big deal

As far as I know, user-level authentication is only possible with local authentication.


Basically what the AP does is store user information in cache and thus it can maintain authentication in case of communication failure with the LDAP server.

Kind of a big deal
Kind of a big deal

I would expect it to work. Basically both User- and Machine certificates are the same. They are just used and stored differently. And the CN/SAN holds a valid username in one case and a domain-machine in the other.

Kind of a big deal
Kind of a big deal

For local certificate authenticate, you upload a root CA certificate.  The MR will alow anything to authenticate that uses a certificate from that root CA certificate.


It doesn't matter if it is a user or a machine.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.