Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1417
  • Last Modified:

Certificate Question: 802.1x Authentication of iPad to Cisco Meraki WiFi

I am using a Cisco Meraki MR34 and I have an SSID setup for 802.1x with RADIUS authentication.  When a Windows host on the domain attaches to that domain - badaboom the device is on the network.  Great.  Now if I want my iPad to attach to that network I get prompted for AD user ID and password.  MS NPS RADIUS accepts my password and a certificate comes to the iPad from the domain controller - here MITYDC1.
Works pretty well.  BUT I am trying to see if the DC is keeping track of this certificate that it has issued and I am not seeing it.  I am looking in Console Root/Certificates(Local Computer) and all the branches below Certificates(Local Computer) but not seeing it there.  Is this information stored elsewhere?  Or perhaps I am just missing it in my search?  My longer goal would be to be able to revoke this certificate on demand if I wanted in the future.  Any thoughts appreciated.

+ System

  - Provider

   [ Name]  Microsoft-Windows-Security-Auditing
   [ Guid]  {54849625-5478-4994-3e3b0328c30d}
 
   EventID 6278
 
   Version 0
 
   Level 0
 
   Task 12552
 
   Opcode 0
 
   Keywords 0x8020000000000000
 
  - TimeCreated

   [ SystemTime]  2014-03-03T19:54:26.270Z
 
   EventRecordID 462586891
 
   Correlation
 
  - Execution

   [ ProcessID]  616
   [ ThreadID]  4500
 
   Channel Security
 
   Computer MITYDC1.MCAT.LOCAL
 
   Security
 

- EventData

  SubjectUserSid S-1-5-21-2244651681-2909242435-3723-4534
  SubjectUserName sclemmens
  SubjectDomainName MCAT
  FullyQualifiedSubjectUserName MCAT.LOCAL/IT Test/Samuel Clemmens
  SubjectMachineSID S-1-0-0
  SubjectMachineName -
  FullyQualifiedSubjectMachineName -
  MachineInventory -
  CalledStationID 02-18-4A-A3-5F-E0:mcatwifi
  CallingStationID 38-48-4C-E3-3C-6F
  NASIPv4Address 10.10.32.14
  NASIPv6Address -
  NASIdentifier -
  NASPortType Wireless - IEEE 802.11  
  NASPort 0
  ClientName sfo-cmr34-02
  ClientIPAddress 10.10.32.14
  ProxyPolicyName Use Windows authentication for all users
  NetworkPolicyName Wireless PEAP
  AuthenticationProvider Windows  
  AuthenticationServer MITYDC1.MCAT.LOCAL
  AuthenticationType PEAP
  EAPType Microsoft: Secured password (EAP-MSCHAP v2)
  AccountSessionIdentifier -
  QuarantineState Full Access  
  ExtendedQuarantineState -
  QuarantineSessionID -
  QuarantineHelpURL -
  QuarantineSystemHealthResult -
0
amigan_99
Asked:
amigan_99
1 Solution
 
Cliff GaliherCommented:
It is not issuing any certificate. It is only sending its own certificate for identification purposes.
0
 
amigan_99Network EngineerAuthor Commented:
That helps a lot - thank you.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Increase Security & Decrease Risk with NSPM Tools

Analyst firm, Enterprise Management Associates (EMA) reveals significant benefits to enterprises when using Network Security Policy Management (NSPM) solutions, while organizations without, experienced issues including non standard security policies and failed cloud migrations

Tackle projects and never again get stuck behind a technical roadblock.
Join Now