Meraki

Community

Interested in trying out a new 802.1x onboarding feature?

Noah_Salzman
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Jan 10 2020 10:27 AM
‎Jan 10 2020 10:27 AM

Interested in trying out a new 802.1x onboarding feature?

Hey Meraki Community,

 

We recently introduced a feature called Trusted Access, it is included as part of the Systems Manager product. It allows your users to self-provision certificates for 802.1x access to Meraki MR networks. The certificates allow mobile devices to make EAP-TLS connections to the wireless network which, of course, means there is no need to authenticate via a username/password. If you are familiar with SM's "Sentry WiFi" feature it is essentially the same concept without the requirement to have your phone or laptop enrolled in MDM.

 

https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Trusted_Access_for_S...

 

We are looking for MR customers of all sizes -- regardless of whether they currently own Systems Manager -- to try out this feature and provide feedback. The SM team is eager to spend some time with you so we can better understand your use cases and get better insight on how we can improve this feature in upcoming releases. 

 

We are particularly looking for customers that use Active Directory for identity management. Regardless of AD: you will need to use iOS or macOS devices to try out the feature (Android will be ready very soon, Windows is still in development). All who participate and provide feedback will be granted 20 free SM licenses. 

 

Please send me a direct message or reply in this thread if you are interested. Thank you!

 

Noah Salzman

Product Manager for Meraki SM

 

18 Replies 18
Meraki_Scott
Here to help
‎Jan 10 2020 3:55 PM
‎Jan 10 2020 3:55 PM

Would love to try that out!

In response to Meraki_Scott
Noah_Salzman
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Jan 10 2020 4:28 PM
‎Jan 10 2020 4:28 PM

@Meraki_Scott Send me an email with the URL to the dashboard org you will be using.

 

I'm "first" dot "last" at Meraki.net.

0 Kudos
In response to Noah_Salzman
SoCalRacer
Kind of a big deal
‎Jan 10 2020 9:03 PM
‎Jan 10 2020 9:03 PM

When Android and Windows are available I would test. Sure seems like Apple fans with the dev team

In response to SoCalRacer
GIdenJoe
Kind of a big deal
Kind of a big deal
‎Jan 11 2020 3:42 AM
‎Jan 11 2020 3:42 AM

So if I read this correctly you won't need an SM enrolled devices only access SSID but you can change this to a WPA2-Enterprise SSID.

And with Sentry coupling you can still enforce the correct authorization on each user based on the pushed security tags.

Basically it's a mini ISE 😛

In response to SoCalRacer
Noah_Salzman
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Jan 13 2020 9:32 AM
‎Jan 13 2020 9:32 AM

@SoCalRacer Historically, the Meraki SM team has focused more on iOS than on Android, and more on macOS than Windows. However, we are making significant efforts to change that. 

 

Despite any bias we might have, one of the main reasons Trusted Access appeared first on iOS/macOS is that those operating systems have SCEP functions built-in whereas Android and Windows do not. This drastically shortened the development time needed to deliver the feature. 

 

dmiss
Getting noticed
‎Jan 24 2020 9:19 AM
‎Jan 24 2020 9:19 AM

If this is still ongoing--I would be interested in this. But I do have additional questions if i could speak with someone. 

0 Kudos
In response to dmiss
Noah_Salzman
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Jan 24 2020 9:25 AM
‎Jan 24 2020 9:25 AM

Please send me email at first dot last at meraki dot net -- I'm happy to discuss the feature with you.

In response to Noah_Salzman
Fabian1
Getting noticed
‎Feb 3 2020 1:36 AM
‎Feb 3 2020 1:36 AM

Hey @Noah_Salzman,

 

we are using Chrome OS in our environment. If you need a customer with Chrome OS devices, feel free to contact me 🙂

We are looking forward to this feature and would be happy to implement this in our network 

0 Kudos
In response to Fabian1
Noah_Salzman
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Feb 19 2020 9:52 AM
‎Feb 19 2020 9:52 AM

@Fabian1 We have done some research into how this would work on Chrome OS and the result was that there is no straightforward way to accomplish this. I wouldn't totally rule it out but, to be clear, it's not currently on our to-do list. However, I would be interested to discuss this with you if you have the time. My work email address is in post in this thread.

0 Kudos
sebas
Getting noticed
‎Feb 19 2020 7:25 AM
‎Feb 19 2020 7:25 AM

Interested in trying this one !

0 Kudos
In response to sebas
Noah_Salzman
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Feb 19 2020 9:53 AM
‎Feb 19 2020 9:53 AM

@sebas Please send me a note from your work email at first dot last at meraki.net and we can get you setup.

Dobbins
Just browsing
‎Feb 24 2020 12:49 PM
‎Feb 24 2020 12:49 PM

I'm trying to figure the best options for a single SSID.  Would this allow me to assign Vlan based on AD credentials?  Will SM conflict with our current Filewave MDM? 

0 Kudos
ryu
Here to help
‎Mar 2 2020 11:53 PM
‎Mar 2 2020 11:53 PM

Just for understanding, this will make a SSID unusable for Windows and Android (right now), and we can just try it with apple devices?

0 Kudos
Brons2
Building a reputation
‎Mar 11 2020 11:38 AM
‎Mar 11 2020 11:38 AM

It's been a couple of months since you posted this but I would be interested in trying it out.

0 Kudos
quanglong
New here
‎Oct 13 2020 5:46 AM
‎Oct 13 2020 5:46 AM

I manage 185 access point devices from mr33, mr42, mr52, mr84, my organization is an educational institution so the amount of connection is huge. We have Active Directory for identity management, provide internet connection for users over 802.1x, the authentication server I'm using is ISE. I am happy to join your team to improve user simplicity

I come from Vietnam

thanks you

0 Kudos
HPNetwork
Conversationalist
‎Jan 19 2022 8:00 AM
‎Jan 19 2022 8:00 AM

Hello Noah,

 

Any new update on this feature? This is very interesting secureW2 seems to be doing the same things, but Meraki appears to be taking a different route, which is good biggest question is the customer would have to buy an SM license on top of the regular price. Is there a listed price for an SM license that the average customer would pay from the RIO stand?

0 Kudos
Socom
Conversationalist
‎Jan 20 2022 1:16 PM
‎Jan 20 2022 1:16 PM

My emails to you are being rejected as a disabled account.

0 Kudos
MerakiDDSDWAN
Conversationalist
‎Nov 25 2022 3:14 AM
‎Nov 25 2022 3:14 AM

I have a doubt for iOS devices that was co figured by SSP and after a period the certificate expired has an automatically way to update this without the user did the procedure manually again?

 

If I renew the certificate before the expired , Meraki will send to device the update of this certificate automatically?

 

Regards, JF.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.