For the moment we are using Pulse Secure Connect as a remote users access solution.
We know that Meraki MX supports clients' VPN, and I need to understand the limitation.
Currently, some users are having full access to the network but also for Clients/3rd parties to access to some specific services/servers. (not all the network).
Pulse secure is based on AD security Group and sign-in page with 2 factors authentications.
Can MX is able to provide the same solution ?
Meraki doesn't have a dedicated software client for its client VPN. It's using the built-in IPsec client of the operating system. There's also no SSL client VPN.
There's limited support for 2FA as described here:
But in my opinion it won't be comparable with your current solution. Meraki are likely adding support for Anyconnect at some point, but there's no timeline for that. At that point this may change and provide a valid replacement for your current solution.
If you need to provide different access to different user groups, no, the Meraki client VPN won't do you. You get a single user group with a single access level on the firewall itself.
By the way, you're aware of the Pulse vulnerabilities right? If not, you should check for updates. 🙂
@Nash Thanks ...Please clarify if this limitation is due to the fact that only 1 client VPN IP subnet can be defined in meraki dashboard and we can apply firewall policy for this particular client VPN subnet to allow or deny .
Essentially, yes. You can set firewall rules for that subnet, but then you may restrict access that your employees need.
I really, strongly would recommend pursuing a non-Meraki client VPN solution. If I had a client with your needs, since we're a Cisco/Meraki VAR, I'd sell an ASA or Firepower device.