Configure and TEST RADIUS server setup

RAubraye
New here


Dear all,

I set up a RADIUS server on my Windows Server 2019,

based on these instructions: https://documentation.meraki.com/MS/Access_Control/Configuring_Microsoft_NPS_for_MAC-Based_RADIUS_-_...

I chose this way as all devices in the network (PCs, tablets, mobile phones, ...) are not in the domain.

I am not sure it is the right solution.

When I activate splash page with radius, all Internet traffic is blocked.

How can I generate a test environment to troubleshoot and set up? Another network and assign one PC, how? Or...

Kind regards

Rodolphe

 

alemabrahao
Kind of a big deal

You don't need to use splash page in this case. But I personally think that using 802.1x is a better option.

MAC-based Access Control

MAC-based access control admits or denies wireless association based on the connecting device’s MAC address. When a wireless device attempts to associate, the Meraki AP queries a customer-premise RADIUS server with an Access-Request message. The RADIUS server can admit or deny the device based on the MAC address, responding to the Meraki AP with either an Access-Accept message or an Access-Reject message, respectively.

This authentication method requires no client-side configuration. However, it suffers from a poor user experience. Wireless clients that are denied wireless association simply cannot connect to the SSID, and they do not receive any explicit notification about why they cannot connect.

If this authentication method is selected, at least 1 RADIUS server must be configured on the Access Control page in the “RADIUS for MAC-based access control” section. This section includes a test tool that simulates the wireless device connecting to every Meraki AP in the network.

See the MAC-based Access Control Configuration guide on how to get started with MAC-based access control. 

 

WPA2-Enterprise with 802.1X Authentication

802.1X is an IEEE standard framework for encrypting and authenticating a user who is trying to associate to a wired or wireless network. WPA-Enterprise uses TKIP with RC4 encryption, while WPA2-Enterprise adds AES encryption.

802.1X can be transparent to wireless users. For example, Windows machines can be configured for single sign-on, such that the same credentials that a user enters to log into his machine are passed automatically to the authentication server for wireless authentication. The user is never prompted to re-enter his credentials.

 

802.1X utilizes the Extensible Authentication Protocol (EAP) to establish a secure tunnel between participants involved in an authentication exchange. The MR supports multiple EAP types, depending on whether the network is using a Meraki-hosted authentication server or a customer-hosted authentication server. The following table shows the EAP types supported by the MR access points:

 

 

https://documentation.meraki.com/MS/Access_Control/MS_Switch_Access_Policies_(802.1X)

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
alemabrahao
Kind of a big deal

You can also test RADIUS with the NTRadPing tool:

https://community.microfocus.com/img/oes/w/oes_tips/9928/ntradping-1-5-radius-test-utility

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
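
Added example (not part of either reply, and not Meraki or Microsoft code): the MAC-based Access-Request / Access-Accept exchange quoted above, built by hand per RFC 2865 so a test host can check the NPS policy and shared secret without a splash page or a real client. It assumes the MAC is sent as both User-Name and User-Password in lowercase without separators; confirm the format against the linked guide. `nas_id` and the function names are made up for this sketch.

```python
import hashlib, hmac, os, struct

ACCESS_REQUEST, ACCESS_ACCEPT, ACCESS_REJECT = 1, 2, 3   # RFC 2865 packet codes
USER_NAME, USER_PASSWORD, NAS_IDENTIFIER = 1, 2, 32      # RFC 2865 attribute types

def normalize_mac(mac):
    """Lowercase hex, no separators (assumed credential format, see lead-in)."""
    digits = "".join(c for c in mac.lower() if c in "0123456789abcdef")
    if len(digits) != 12:
        raise ValueError("not a 48-bit MAC address: %r" % mac)
    return digits

def hide_password(password, secret, authenticator):
    """RFC 2865 5.2: XOR each 16-byte block with MD5(secret + previous block)."""
    padded = password + b"\x00" * (-len(password) % 16)
    out, prev = b"", authenticator
    for i in range(0, len(padded), 16):
        key = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], key))
        out += prev
    return out

def attr(type_, value):
    """Encode one attribute as type, length (including the 2-byte header), value."""
    return struct.pack("!BB", type_, len(value) + 2) + value

def build_access_request(mac, secret, identifier=1, authenticator=None,
                         nas_id=b"radius-test"):  # nas_id: constructed sample value
    """Return (packet, request_authenticator) for a MAC-based Access-Request."""
    authenticator = authenticator or os.urandom(16)
    user = normalize_mac(mac).encode()
    attrs = (attr(USER_NAME, user)
             + attr(USER_PASSWORD, hide_password(user, secret, authenticator))
             + attr(NAS_IDENTIFIER, nas_id))
    header = struct.pack("!BBH", ACCESS_REQUEST, identifier, 20 + len(attrs))
    return header + authenticator + attrs, authenticator

def check_response(reply, secret, identifier, request_authenticator):
    """Verify the Response Authenticator, then return the server's verdict."""
    if len(reply) < 20:
        raise ValueError("reply shorter than a RADIUS header")
    code, ident, length = struct.unpack("!BBH", reply[:4])
    if length != len(reply) or ident != identifier:
        raise ValueError("malformed reply or identifier mismatch")
    expected = hashlib.md5(reply[:4] + request_authenticator + reply[20:] + secret).digest()
    if not hmac.compare_digest(expected, reply[4:20]):
        raise ValueError("bad Response Authenticator: shared secret mismatch?")
    return {ACCESS_ACCEPT: "accept", ACCESS_REJECT: "reject"}.get(code, "other")
```

To use it against a live server, send the packet over UDP to the RADIUS authentication port (1812 by default) from a host that NPS lists as a RADIUS client with the same shared secret, then pass the datagram you receive to `check_response`.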