Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1052
Views
0
Helpful
7
Replies

How Meraki AP authenticate itself to ISE ?

Go to solution
nupagazi
Level 1
Level 1

‎02-01-2023 10:35 PM

Hello All,

We have ISE, WLC and AP 9100 series and Catalyst switches 9300 series. All ports are configured for 802.1X. When AP connects to port it uses credential (configured on WLC) to authenticate with ISE and after successful authentication the port is turned into trunk port. Can Meraki APs authenticate with ISE in the same way ? Due to long delivery time of Cisco APs customer wants to use Meraki AP.

Regards,

An 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Rodrigo Diaz
Cisco Employee
Cisco Employee

‎02-02-2023 10:48 AM

hello @nupagazi , I would check it out depending on the model of AP you want to implement to see if such functionality exist that allows you to authenticate the AP as supplicant , it it does from the point of view of ISE it will be the same as any other dot1x authentication .  In case there is no dot1x feature on the AP what you can attempt is to use profiling with ISE to allow the AP get access into your network once identified. 

Let me know if that helped you. 

View solution in original post

0 Helpful

Go to solution
nupagazi
Level 1
Level 1
In response to nupagazi

‎02-07-2023 12:15 AM

I have found workaround solution for this. If we use both Meraki APs and switches, then we can use feature called SecurePort (SecureConnect) to authenticate APs.

https://documentation.meraki.com/MS/Access_Control/SecurePort_(formerly_known_as_SecureConnect) 

View solution in original post

0 Helpful
7 Replies 7

Go to solution
marce1000
VIP
VIP

‎02-01-2023 11:10 PM

 

 - FYI : https://documentation.meraki.com/MR/Encryption_and_Authentication/Device_Posturing_using_Cisco_ISE

  M.



-- ' 'Good body every evening' ' this sentence was once spotted on a logo at the entrance of a Weight Watchers Club !
0 Helpful

Go to solution
nupagazi
Level 1
Level 1
In response to marce1000

‎02-01-2023 11:25 PM

Thanks Marce100 for the link but it is not what I am looking for. What I want is  "when a switch port is configured for 802.1x, how Meraki AP is connected to that port and passes the authentication ?"

Regards,

An

0 Helpful

Go to solution
ahollifield
VIP
VIP
In response to nupagazi

‎02-02-2023 10:02 AM

Why do you want to authenticate the AP at all?  I'm not sure if Meraki APs have a supplicant on their ethernet port.

0 Helpful

Go to solution
nupagazi
Level 1
Level 1
In response to ahollifield

‎02-02-2023 10:02 PM

Customer does not want any device can plug into the port, a device must pass the authentication before getting access.

Regards,

An

0 Helpful

Go to solution
Rodrigo Diaz
Cisco Employee
Cisco Employee

‎02-02-2023 10:48 AM

hello @nupagazi , I would check it out depending on the model of AP you want to implement to see if such functionality exist that allows you to authenticate the AP as supplicant , it it does from the point of view of ISE it will be the same as any other dot1x authentication .  In case there is no dot1x feature on the AP what you can attempt is to use profiling with ISE to allow the AP get access into your network once identified. 

Let me know if that helped you. 

0 Helpful

Go to solution
nupagazi
Level 1
Level 1
In response to Rodrigo Diaz

‎02-02-2023 10:04 PM

Hello Rodrigo,

Thank you for suggestion. Le me have a search into that.

Regards,

An

0 Helpful

Go to solution
nupagazi
Level 1
Level 1
In response to nupagazi

‎02-07-2023 12:15 AM

I have found workaround solution for this. If we use both Meraki APs and switches, then we can use feature called SecurePort (SecureConnect) to authenticate APs.

https://documentation.meraki.com/MS/Access_Control/SecurePort_(formerly_known_as_SecureConnect) 

0 Helpful
Customers Also Viewed These Support Documents