Client VPN and Azure AD

SOLVED
Aiv
Just browsing

Client VPN and Azure AD

Hi All 

 

I have a question that I hope someone can help me with since I cant find the answer. 

 

I have a MX84 that has Client VPN enabled. For VPN authentication we use Meraki Cloud which is fine. But now I got a request asking to be able to use same login credential as we use for Azure AD ( office 365).

 

Is there any way to set this up without having to use RADIUS server?  I know there is possibility to use SAML set up to acces the dashboard and assign roles. Would it be possible to use something like that for Client VPN authentication? 

 

 

 

1 ACCEPTED SOLUTION

Accepted Solutions
PhilipDAth
Kind of a big deal

Re: Client VPN and Azure AD

I want to tell you the answer is "no".

 

However if you enjoy a lot of grief it should be possible using a RADIUS proxy solution.  I think Jump Cloud is quite well known in this space:

https://jumpcloud.com/

 

But if it was me I would tell the person making the request "no".  But that's me.  I don't like lots of complexity and grief.

View solution in original post

6 REPLIES 6
Nash
Kind of a big deal

Re: Client VPN and Azure AD

So to confirm, your only source of AD is Azure AD? You do not have an on-premises AD that syncs to Azure?

Aiv
Just browsing

Re: Client VPN and Azure AD

Yes that is 100% correct.

PhilipDAth
Kind of a big deal

Re: Client VPN and Azure AD

I want to tell you the answer is "no".

 

However if you enjoy a lot of grief it should be possible using a RADIUS proxy solution.  I think Jump Cloud is quite well known in this space:

https://jumpcloud.com/

 

But if it was me I would tell the person making the request "no".  But that's me.  I don't like lots of complexity and grief.

View solution in original post

Aiv
Just browsing

Re: Client VPN and Azure AD

Hi Philip,

 

Oow wel, it's what I had expected I just could not find a clear answer if it was Yes or No. 

 

Normally I do like a good challenge but for the few managers that need this I don't se a point in doing it. 

HenrySwartout
New here

Re: Client VPN and Azure AD

The answer is "Yes". 

 

Using on-prem Active Directory which is synced with Azure AD.

 

Setup the Client VPN to authenticate with on-prem AD.

 

Henry

APro
New here

Re: Client VPN and Azure AD

The plain answer is probable "No"

 

Just to add to this solution. 

 

We've been using a cloud solution from Portnox to achieve just that (Using their cloud radius - so no setup!), we also use their embedded MFA for the authentication of the Azure AD users over the VPN. 

 

Check it out: https://clear.portnox.com  I think there is a free trial and it's quite easy to setup yourself. 

 

I think this is the details about their solution: https://www.portnox.com/use-cases/remote-access/ 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.