Meraki

Community

About Eddiem

Re: TLS1.2 used for AutoVPN negotiation?

by in Security & SD-WAN
‎Sep 19 2017 6:33 PM
‎Sep 19 2017 6:33 PM
Okay, that implies it's PSK only, so no certs and hence no TLS. ... View more

Re: TLS1.2 used for AutoVPN negotiation?

by in Security & SD-WAN
‎Sep 19 2017 6:32 PM
‎Sep 19 2017 6:32 PM
Thanks again.  If there is a certificate involved, then there must be some TLS/SSL stack, and hence the partner question if it's TLS 1.2 with SHA-2 support.  ... View more

Re: TLS1.2 used for AutoVPN negotiation?

by in Security & SD-WAN
‎Sep 19 2017 6:27 PM
‎Sep 19 2017 6:27 PM
Thanks Phil, so the security protection for the autoVPN is only pre-shared key? Meraki does not support PKI to protect the tunnel?  I think the partner is asking in the case of certificates/PKI being used to protect the VPN, not pre-shared key.  If only pre-shared key is supported then that answers it.  Thanks again. ... View more

TLS1.2 used for AutoVPN negotiation?

by in Security & SD-WAN
‎Sep 18 2017 4:03 PM
‎Sep 18 2017 4:03 PM
Hello, my partner is asking if TLS1.2 is typically used for AutoVPN negotiation as well nowadays on MX devices.   This document does not mention TLS version, but does mention SHA-1 and MD-5, which customer is concerned about:  https://documentation.meraki.com/MX-Z/Site-to-site_VPN/Site-to-site_VPN_Settings   ... View more

Re: SSL Certificates and Encryption between Meraki AP/Cloud

by in Security & SD-WAN
‎Sep 18 2017 2:53 PM
‎Sep 18 2017 2:53 PM
Ah, yes. It's more than encryption as the AP needs to authenticate and hence needs a client identity cert.  Okay, well let's see if anyone has visibility into what signing algorithm is used on the AP certificate.  ... View more

Re: SSL Certificates and Encryption between Meraki AP/Cloud

by in Security & SD-WAN
‎Sep 18 2017 2:48 PM
‎Sep 18 2017 2:48 PM
Thanks Phil, That really helps. I'd guess there is only a server cert in this flow of encrypting traffic between AP and controller.  If anyone on the community knows otherwise and there is a client cert on the AP, it would be good to know what signing hash algorithm was used on the AP client cert as well.    ... View more

SSL Certificates and Encryption between Meraki AP/Cloud

by in Security & SD-WAN
‎Sep 18 2017 10:27 AM
‎Sep 18 2017 10:27 AM
My partner wants to know what SSL/TLS version is used to protect the traffic from the Meraki AP to cloud controller. If it's TLS, how is the certificate managed in Meraki? Can the customer replace the cert with his own CA signed cert that uses SHA-2 instead of SHA-1? ... View more
© 2025 Cisco Systems, Inc.