Blocking unauthorized computers

Gustavo
Here to help

Blocking unauthorized computers

Hi all!

 

I finished the configuration for my Corporative SSID with 802.1x and its working pretty well.

 

The users must authenticate with domain credentials.

 

But now I want to block unauthorized computers to login in our network, for example, we have some computers outside the domain, so I can't use radius authentication for domain computers.

 

I would like to know, if Meraki have options to meet this requirement.

 

My english in rusty, please let me know if something is not clear.

 

2 Replies 2
Adam
Kind of a big deal


@Gustavo wrote:

 

But now I want to block unauthorized computers to login in our network, for example, we have some computers outside the domain, so I can't use radius authentication for domain computers.

 

We have our 802.1x configured to authenticate against a Windows NPS server.  The policy verifies both user and computer.  That configuration would meet your above requirement.  If you just have your 802.1x configured to authenticate a domain user then conceptually a domain user could connect via a non domain joined computer.  

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
PhilipDAth
Kind of a big deal
Kind of a big deal

I'm not completely clear on your situation.

 

Do you realise that non-Domain computers can log in using RADIUS credentials still?

 

If you use Systems Manager, then it can automatically deploy certificates onto computers (and mobile devices) and you can do certificate based authentication.  And you don't need any servers ...

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels