Meraki local authentication

Ajchan
Conversationalist

Meraki local authentication

Hi,

 

For Meraki local authentication with an LDAP server what are the Pre-requisites ? and is certificate must or is it optional if i am going with only LDAP & not LDAPs ?

1 Reply 1
alemabrahao
Kind of a big deal
Kind of a big deal

 Requirements

  • All MR access points in the Network must be running MR 27.1+ firmware*

  • An admin account credential for the LDAP server with read-only permissions has to be input as part of dashboard configuration 

  • If an Active Directory-based LDAP server is used, it must support an LDAP bind operation

  • The LDAP server must support STARTTLS

  • CA certificate used to sign the LDAP server's private key must be uploaded to the dashboard. This certificate is used by an MR to verify the authenticity of the LDAP server.

  • The LDAP server’s certificate must have a subjectAltName field that matches the Host address configured on the dashboard (either IP address or FQDN)

  • Wireless clients must trust the certificate presented by the MR which is signed by a well-known Certification Authority QuoVadis for the purposes of validation of the MR for certificate-based authentication.

    https://documentation.meraki.com/MR/Encryption_and_Authentication/Meraki_Local_Authentication_-_MR_8...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels