Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5739
Views
4
Helpful
4
Replies

PKI solution with Meraki

Go to solution
Slider
Frequent Visitor
Frequent Visitor

‎02-05-2020 04:21 PM

Hi,

Is this doable? Connectivity to APs governed by machine ID certificates  provided Enterprise PKI solution?

HM
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mahensin
Cisco Employee
Cisco Employee

‎02-05-2020 05:51 PM

Answer would be a No.

More details on available encryption & Auth modes on Meraki are on this doc.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Setting_a_WPA_Encryption_Mode

Interested to know what is the use case where you want to use the machine ID certs over the other options ?

View solution in original post

4 Replies 4

Go to solution
mahensin
Cisco Employee
Cisco Employee

‎02-05-2020 05:51 PM

Answer would be a No.

More details on available encryption & Auth modes on Meraki are on this doc.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Setting_a_WPA_Encryption_Mode

Interested to know what is the use case where you want to use the machine ID certs over the other options ?

Go to solution
Slider
Frequent Visitor
Frequent Visitor
In response to mahensin

‎02-06-2020 09:27 AM

Thank you!

HM
0 Helpful

Go to solution
GreenMan
Cisco Employee
Cisco Employee
In response to mahensin

‎02-06-2020 09:37 AM

Not sure I agree with your "No" here - unless I've misinterpreted something..?
If a customer is looking to have clients connect to a Meraki MR-based SSID using Enterprise 802.1x, with certificates for EAP-TLS, this is supported - but it would need an external RADIUS server to accomplish; the PKI infrastructure would need to issue appropriate certs for both the RADIUS server and all the connecting clients, establishing the necessary bi-directional chain of trust.

Meraki could also achieve something very similar, natively, through use of the new Trusted Access feature, using Systems Manager licensing: https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Trusted_Access_for_Secure_Wireless_Connectivity
This is usually used for addressing Bring Your own Device (BYoD) requirements.

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card