Meraki

Community

Client VPN password and organization security settings

Solved
harmankardon
Building a reputation
‎Mar 30 2022 8:37 AM
‎Mar 30 2022 8:37 AM

Client VPN password and organization security settings

For client VPN, I believe the following to be true:

 

1. If account type is Guest, client VPN password is set by a dashboard admin via the dashboard.

2. If account type is Administrator, client VPN password is the users dashboard password.

 

Are both of these assumptions true? And for #1, can the users reset their password themselves?

 

And do the options in Organization -> Settings -> Security Settings apply to both client VPN users and dashboard admins? If it doesn't apply to dashboard admins, is it possible to force 2FA for admins some other way?

 

 

0 Kudos
1 Accepted Solution
Jeizzen
Getting noticed
‎Mar 30 2022 10:16 AM
‎Mar 30 2022 10:16 AM

Yes, my apologies, seems that yes client vpn now can reset their password:

 

Note: A user can modify their own credentials and reset their password if they are not an administrator account by logging in through account.meraki.com/account/account_login. This page is only available for users created under SSID configured as splash or Client VPN.

 

those blue information squares in Meraki doc always have important notice 🙂

 

View solution in original post

0 Kudos
10 Replies 10
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 30 2022 8:45 AM
‎Mar 30 2022 8:45 AM

Yes, this is true. No, they can't change their passwords by themselves. 2FA is just to dashboard admin it is not applicable for guest users.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
harmankardon
Building a reputation
‎Mar 30 2022 8:48 AM
‎Mar 30 2022 8:48 AM

Ok so if I am an admin for multiple dashboard organizations and one of them is set to force 2FA, that affects my dashboard account meaning regardless of which organization I am signing in for, I will be forced to use 2FA?

0 Kudos
In response to harmankardon
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 30 2022 8:52 AM
‎Mar 30 2022 8:52 AM

Yes

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Jeizzen
Getting noticed
‎Mar 30 2022 8:51 AM
‎Mar 30 2022 8:51 AM

1. True

2. True

 

Users cannot reset their passwords themselves

 

Read-only access as an Guest Ambassador mode has the right to reset users vpn passwords

0 Kudos
harmankardon
Building a reputation
‎Mar 30 2022 10:04 AM
‎Mar 30 2022 10:04 AM

I guess I should have clarified, we are using Meraki Cloud Authentication. I had one of my users forward me their welcome email and it has a link to https://account.network-auth.com/ which does seem to allow users to change their password.

 

@alemabrahao was your answer assuming we were using a different authentication type?

0 Kudos
In response to harmankardon
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 30 2022 10:11 AM
‎Mar 30 2022 10:11 AM

No, I assumed that you are using Meraki Cloud Authentication. 😊 

 

As far as I record the option to change the password is only for guest wifi users.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
harmankardon
Building a reputation
‎Mar 30 2022 10:14 AM
‎Mar 30 2022 10:14 AM

I finally got a chance to test (I probably should have tested first), as far as I can tell client VPN users with Meraki Cloud Authentication can reset their own password via that URL. 

0 Kudos
In response to alemabrahao
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 30 2022 10:15 AM
‎Mar 30 2022 10:15 AM

Well, I have checked, and you are right, now It is possible to change the password. Sorry for my mistake.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Jeizzen
Getting noticed
‎Mar 30 2022 10:16 AM
‎Mar 30 2022 10:16 AM

Yes, my apologies, seems that yes client vpn now can reset their password:

 

Note: A user can modify their own credentials and reset their password if they are not an administrator account by logging in through account.meraki.com/account/account_login. This page is only available for users created under SSID configured as splash or Client VPN.

 

those blue information squares in Meraki doc always have important notice 🙂

 

0 Kudos
In response to Jeizzen
harmankardon
Building a reputation
‎Mar 30 2022 10:23 AM
‎Mar 30 2022 10:23 AM

I didn't even know this Meraki document existed! Thanks for pointing me in the right direction. The Client VPN Overview Meraki doc doesn't even mention that page.

 

The URL for anyone else seeing this is: https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Managing_User_Account...

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.