Meraki

Gustavo · ‎Apr 13 2018

Hi all!

I finished the configuration for my Corporative SSID with 802.1x and its working pretty well.

The users must authenticate with domain credentials.

But now I want to block unauthorized computers to login in our network, for example, we have some computers outside the domain, so I can't use radius authentication for domain computers.

I would like to know, if Meraki have options to meet this requirement.

My english in rusty, please let me know if something is not clear.

Adam · ‎Apr 13 2018

@Gustavo wrote:

But now I want to block unauthorized computers to login in our network, for example, we have some computers outside the domain, so I can't use radius authentication for domain computers.

We have our 802.1x configured to authenticate against a Windows NPS server. The policy verifies both user and computer. That configuration would meet your above requirement. If you just have your 802.1x configured to authenticate a domain user then conceptually a domain user could connect via a non domain joined computer.

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.

PhilipDAth · ‎Apr 13 2018

I'm not completely clear on your situation.

Do you realise that non-Domain computers can log in using RADIUS credentials still?

If you use Systems Manager, then it can automatically deploy certificates onto computers (and mobile devices) and you can do certificate based authentication. And you don't need any servers ...

Meraki

Community

Blocking unauthorized computers

Blocking unauthorized computers