PKI solution with Meraki

Solved
Slider
Getting noticed

PKI solution with Meraki

Hi, 

 

Is this doable? Connectivity to APs governed by machine ID certificates  provided Enterprise PKI solution?

HM
1 Accepted Solution
Mahi_Meraki_guy
Meraki Employee
Meraki Employee

Answer would be a No. 

More details on available encryption & Auth modes on Meraki are on this doc.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Setting_a_WPA_Encryption_Mode

 

Interested to know what is the use case where you want to use the machine ID certs over the other options ?

View solution in original post

4 Replies 4
Mahi_Meraki_guy
Meraki Employee
Meraki Employee

Answer would be a No. 

More details on available encryption & Auth modes on Meraki are on this doc.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Setting_a_WPA_Encryption_Mode

 

Interested to know what is the use case where you want to use the machine ID certs over the other options ?

Slider
Getting noticed

Thank you!

HM
GreenMan
Meraki Employee
Meraki Employee

Not sure I agree with your "No" here - unless I've misinterpreted something..?
If a customer is looking to have clients connect to a Meraki MR-based SSID using Enterprise 802.1x, with certificates for EAP-TLS, this is supported - but it would need an external RADIUS server to accomplish;   the PKI infrastructure would need to issue appropriate certs for both the RADIUS server and all the connecting clients, establishing the necessary bi-directional chain of trust.

Meraki could also achieve something very similar, natively, through use of the new Trusted Access feature, using Systems Manager licensing:   https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Trusted_Access_for_S...
This is usually used for addressing Bring Your own Device (BYoD) requirements.

PhilipDAth
Kind of a big deal
Kind of a big deal

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels