Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

PKI solution with Meraki

Solved
Slider
Getting noticed
‎Feb 5 2020 4:21 PM
‎Feb 5 2020 4:21 PM

PKI solution with Meraki

Hi, 

 

Is this doable? Connectivity to APs governed by machine ID certificates  provided Enterprise PKI solution?

HM
0 Kudos
Subscribe
1 Accepted Solution
Mahi_Meraki_guy
Meraki Employee
Meraki Employee
‎Feb 5 2020 5:51 PM
‎Feb 5 2020 5:51 PM

Answer would be a No. 

More details on available encryption & Auth modes on Meraki are on this doc.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Setting_a_WPA_Encryption_Mode

 

Interested to know what is the use case where you want to use the machine ID certs over the other options ?

View solution in original post

Subscribe
4 Replies 4
Mahi_Meraki_guy
Meraki Employee
Meraki Employee
‎Feb 5 2020 5:51 PM
‎Feb 5 2020 5:51 PM

Answer would be a No. 

More details on available encryption & Auth modes on Meraki are on this doc.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Setting_a_WPA_Encryption_Mode

 

Interested to know what is the use case where you want to use the machine ID certs over the other options ?

Subscribe
In response to Mahi_Meraki_guy
Slider
Getting noticed
‎Feb 6 2020 9:27 AM
‎Feb 6 2020 9:27 AM

Thank you!

HM
0 Kudos
Subscribe
In response to Mahi_Meraki_guy
GreenMan
Meraki Employee
Meraki Employee
‎Feb 6 2020 9:37 AM
‎Feb 6 2020 9:37 AM

Not sure I agree with your "No" here - unless I've misinterpreted something..?
If a customer is looking to have clients connect to a Meraki MR-based SSID using Enterprise 802.1x, with certificates for EAP-TLS, this is supported - but it would need an external RADIUS server to accomplish;   the PKI infrastructure would need to issue appropriate certs for both the RADIUS server and all the connecting clients, establishing the necessary bi-directional chain of trust.

Meraki could also achieve something very similar, natively, through use of the new Trusted Access feature, using Systems Manager licensing:   https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Trusted_Access_for_S...
This is usually used for addressing Bring Your own Device (BYoD) requirements.

Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Feb 6 2020 11:35 AM
‎Feb 6 2020 11:35 AM

@GreenMan is correct here.

 

This is a walk through guide.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_... 

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.