Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Certificate Question: 802.1x Authentication of iPad to Cisco Meraki WiFi

Posted on 2014-03-03
2
Medium Priority
?
1,353 Views
Last Modified: 2014-03-03
I am using a Cisco Meraki MR34 and I have an SSID setup for 802.1x with RADIUS authentication.  When a Windows host on the domain attaches to that domain - badaboom the device is on the network.  Great.  Now if I want my iPad to attach to that network I get prompted for AD user ID and password.  MS NPS RADIUS accepts my password and a certificate comes to the iPad from the domain controller - here MITYDC1.
Works pretty well.  BUT I am trying to see if the DC is keeping track of this certificate that it has issued and I am not seeing it.  I am looking in Console Root/Certificates(Local Computer) and all the branches below Certificates(Local Computer) but not seeing it there.  Is this information stored elsewhere?  Or perhaps I am just missing it in my search?  My longer goal would be to be able to revoke this certificate on demand if I wanted in the future.  Any thoughts appreciated.

+ System

  - Provider

   [ Name]  Microsoft-Windows-Security-Auditing
   [ Guid]  {54849625-5478-4994-3e3b0328c30d}
 
   EventID 6278
 
   Version 0
 
   Level 0
 
   Task 12552
 
   Opcode 0
 
   Keywords 0x8020000000000000
 
  - TimeCreated

   [ SystemTime]  2014-03-03T19:54:26.270Z
 
   EventRecordID 462586891
 
   Correlation
 
  - Execution

   [ ProcessID]  616
   [ ThreadID]  4500
 
   Channel Security
 
   Computer MITYDC1.MCAT.LOCAL
 
   Security
 

- EventData

  SubjectUserSid S-1-5-21-2244651681-2909242435-3723-4534
  SubjectUserName sclemmens
  SubjectDomainName MCAT
  FullyQualifiedSubjectUserName MCAT.LOCAL/IT Test/Samuel Clemmens
  SubjectMachineSID S-1-0-0
  SubjectMachineName -
  FullyQualifiedSubjectMachineName -
  MachineInventory -
  CalledStationID 02-18-4A-A3-5F-E0:mcatwifi
  CallingStationID 38-48-4C-E3-3C-6F
  NASIPv4Address 10.10.32.14
  NASIPv6Address -
  NASIdentifier -
  NASPortType Wireless - IEEE 802.11  
  NASPort 0
  ClientName sfo-cmr34-02
  ClientIPAddress 10.10.32.14
  ProxyPolicyName Use Windows authentication for all users
  NetworkPolicyName Wireless PEAP
  AuthenticationProvider Windows  
  AuthenticationServer MITYDC1.MCAT.LOCAL
  AuthenticationType PEAP
  EAPType Microsoft: Secured password (EAP-MSCHAP v2)
  AccountSessionIdentifier -
  QuarantineState Full Access  
  ExtendedQuarantineState -
  QuarantineSessionID -
  QuarantineHelpURL -
  QuarantineSystemHealthResult -
0
Comment
Question by:amigan_99
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 59

Accepted Solution

by:
Cliff Galiher earned 2000 total points
ID: 39901687
It is not issuing any certificate. It is only sending its own certificate for identification purposes.
0
 
LVL 1

Author Closing Comment

by:amigan_99
ID: 39901704
That helps a lot - thank you.
0

Featured Post

Looking for a new Web Host?

Lunarpages' assortment of hosting products and solutions ensure a perfect fit for anyone looking to get their vision or products to market. Our award winning customer support and 30-day money back guarantee show the pride we take in being the industry's premier MSP.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The Cyber News Rundown brings you the latest happenings in cyber news weekly. Who am I? I’m Connor Madsen, a Webroot Threat Research Analyst, and a guy with a passion for all things security. Any more questions? Just ask.
If you're a modern-day technology professional, you may be wondering if certifications are really necessary. They are. Here's why.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
There are cases when e.g. an IT administrator wants to have full access and view into selected mailboxes on Exchange server, directly from his own email account in Outlook or Outlook Web Access. This proves useful when for example administrator want…

670 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question