Meraki and Azure Connectivity

RobustMeraki
Getting noticed

Meraki and Azure Connectivity

Does Meraki have the capability to integrate with Azure AD for user, password, or group synchronization, especially in scenarios where specific users or groups who dont have VPN should be excluded from VPN access? Is there a feature like Azure Connect available within Meraki for such purposes? 

3 Replies 3
Tony-Sydney-AU
Meraki Employee
Meraki Employee

Hello @RobustMeraki ,

 

Thanks for your question. The answer is yes, Client VPN (a.k.a. L2TP/IPsec Client VPN) can have its Authentication configured to check credentials provided by Active Directory or other LDAP directory.

 

However, your use-case requires two things:

  1. A Site-to-Site VPN between your MX firewall and your Azure VPC
  2. A RADIUS server that will receive the Client VPN authentication requests and then kind of translate to a domain controller query to your Azure AD.

 

So this brings more questions like:

  • How to establish a Site-to-Site VPN with Azure VPC?
  • How to configure a RADIUS server?

 

I surely can point you to Meraki docs covering the above topics but I suspect you'll link this other solution and design better.

 

In this other post, people recommended implementing a Cisco AnyConnect using SAML to Azure AD. Cisco AnyConnect is our own Client VPN and I personally prefer it because: a) your MX already has a license and b) AnyConnect uses a TLS tunnel which is generally more resilient to NAT issues when your users are using mobile hotspots, for example.

 

You can find more details about configuring AnyConnect plus SAML Azure AD here.

 

And here you can read about AnyConnect setup.

 

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.

Use AnyConnect+SAML.  Anything else is hard work.

I concur! 🤓 

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels