Meraki

MauroF

Hi,

I'm currently testing Access Manager and it's looking great!

I just have a couple of questions:

Is it possible to use the same SSID to authenticate both via Entra ID and MAB (based on MAC addresses assigned to a Client-group object in Access Manager)?
Besides Entra ID, can I integrate other Identity Providers such as Google?

Thanks in advance for your support!

Mau

Ryan_Miles

You will need two SSIDs: one for MAB and a second for 802.1X.

View solution in original post

alemabrahao

Hi,

1 - Yes, it is possible to use the same SSID to support both Entra ID (formerly Azure AD) and MAB.

2- Direct integration with Google as an IdP is not natively supported in Meraki Access Manager.
You might be able to use a third-party identity broker like Okta, JumpCloud, etc.

https://documentation.meraki.com/Access_Manager/Access_Manager_Configuration_Guides/Access_Manager_n...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

MauroF

This is my configuration....but when i connect to the SSID ,it asks me for username/password.Why?

This is also my SSID config:

any idea?

MauroF

Hi,

Ryan who work for Meraki said: "You will need two SSIDs: one for MAB and a second for 802.1X."

mmm

alemabrahao

You had not specified that you wanted to use 802.1x.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

MauroF

ah ok. Can i ask then which other authentication methods are accepted to use only one SSID with EntraID and MAB together?

nicdc01

Where do you find the option to configure a different IdP other than Entra?
Selecting the "+Create IdP" forwards me to an Entra ID configuration page and doesn't give the option to configure anything else.

As far as I can tell the documentation remains vague about other 3rd party providers. Assuming it might be a Feature Flag you need to request them to enable?

MauroF

At the moment you can authenticate ONLY with Azure. Future will tell f they will add some ore identity Provider.

Ryan_Miles

The SSID needs to be configured for MAB and Access Manager can be the source it authenticates against. This doc covers it in great detail https://documentation.meraki.com/Access_Manager/Access_Manager_Configuration_Guides/Access_Manager_n...

Entra is the only supported IdP today. More should come in the future.

MauroF

Hi Ryan,

first of all thanks for your help.

you say that SSID needs to be configured for MAB and Access Manager but if i set up the SSID for MAB...how can i authenticate on the same SSID my users againstEntra ID?

At the moment my SSID is configured with "ENTERPRISE with ACCESS MANAGER". With this config i can authenticate my user against EntraID but not MAB.

is that correct?

Ryan_Miles

You will need two SSIDs: one for MAB and a second for 802.1X.

MauroF

ah ok...ive been told differentty here above but it seems like you are a meraki Employee so...well thanks for your help

PhilipDAth

You can do MAB and 802.1x on a wired port. WiFi is a bit different.

Meraki

Community

Questions about Access Manager Integration

Questions about Access Manager Integration