View Categories

Get started

The EntryPoint RADIUS Service for Dot1x (EAP-TLS) with MS Entra ID ensures that only authorized devices can access your network by using certificates for secure login. Microsoft Entra ID helps manage these logins by verifying users’ identities (User Principal Name, UPN) and compliance (GUID, Globally Unique Identifier aka Entra Device ID) in a secure and efficient way.

Requirements and dependencies #

To complete the configuration in this guide you need access and the required license to the following:

  • Microsoft Entra
  • Microsoft Intune
  • Microsoft Cloud PKI (In some Intune licenses included)
  • Netgraph Entrypoint
  • WiFi Infrastructure (Example with Cisco Meraki in this guide)

Get started #

Prepare the dependencies in Entra + Intune Admin Center and Netgraph Admin Portal #
  1. Create Microsoft Graph API credentials and permissions
  2. Create Microsoft Cloud PKI (Root + Issuing CA)
  3. Example: Create a SCEP certificate profile — device (Microsoft Windows)
  4. Example: Create a Trusted certificate profile — RADIUS Server Certificate (Microsoft Windows)
  5. Example: Create a Trusted certificate profile — Root CA Certificate (Microsoft Windows)
  6. Example: Create a Wi-Fi profile — Acme Enterprise WiFi (Microsoft Windows)
  7. Create a Netgraph Entrypoint RADIUSaaS Context — Basic Configuration
  8. Setup Netgraph Entrypoint RADIUSaaS Context — 802.1x Authentication (EAP-TLS)
  9. Setup Netgraph Entrypoint RADIUSaaS Context — Network Integration
  10. Setup Netgraph Entrypoint RADIUSaaS Context — Entra Group Mapping
  11. Cisco Meraki Example (coming soon….)
#
Note: Modifications to the Microsoft environment should be undertaken only by personnel with appropriate technical expertise to ensure a correct configuration and to mitigate the risk of unintended operational impacts. #
Convert Certificate DER — > PEM, PEM –> DER #


If your cert is in DER format you can convert it with OpenSSL to PEM:
Linux/Mac: openssl x509 -inform der -in <name>.cer -out <name>.pem
Windows: certutil.exe -encode <name>.cer <name>.pem

And in that case, if you need to convert PEM to DER format, example below:
Linux/Mac: openssl x509 -outform der –in <name>.pem -out <name>.crt
Windows: certutil.exe -decode <name>.pem <name>.crt

Netgraph
Powered by  GDPR Cookie Compliance
Cookie Overview

What are cookies?

Cookies are small text files consisting of letters and numbers. These are sent from Netgraph Sverige AB or our partners' web servers and stored on your device (for example, computer or mobile). They can be stored in two different ways.

Session cookies are temporary cookies that disappear when you close your browser or app.
Persistent cookies are cookies that remain on your computer until you delete them or until they expire.

Different types of cookies

Both our website and others, such as Facebook or Google, may place cookies on your computer when you visit this website. Cookies from the website you are visiting are called first-party cookies and cookies from other websites are called third-party cookies.

Other files, similar to cookies, are web beacons and similar technologies. Web beacons are small transparent graphic images that may be contained in emails we send to you.

Why do we use cookies?

We use cookies to make your visit to our website as enjoyable as possible, and to improve it even more. However, we do not store IP numbers or similar personal data about you.

Functionality cookies improve your experience

We store cookies about the pages you have visited to make your experience on our website as smooth as possible. For example, we can prevent you from seeing a pop-up window more than once.

Analytics cookies help us to make our website better

We use cookies to collect aggregate analytical information about how you use the site, such as statistics on our most popular pages. With the information we get, we can improve our web and our offers.

Deleting cookies

Your browser or device usually allows you to set which cookies can be stored on your computer. For example, you can choose to block all cookies, only accept cookies from the website you are visiting or delete all cookies when you close your browser. Look under Settings.

Questions?

Do you have any questions about how we use cookies? You can always reach Netgraph Sverige AB's data protection officer at info@netgraph.se

This information was updated on August 26, 2024.