Sharing user authentication with Meraki Wireless/Radius
I have both an MX appliance and Meraki wireless. It is all running over a non-meraki layer 3 switch with multiple VLANS.
The Meraki devices are setup in separate networks rather than a combined network as we need to use client tracking by IP on the MX appliance.
We have multiple BYOD SSID's on the meraki wireless which use RADIUS to authenticate user connections (our RADIUS servers are linked to active directory). Once a user is authenticated their username is shown in the Meraki wireless client list against the client.
On the MX appliance we have it AD linked, and this allows it to identify all our domain-joined clients. However the BYOD clients are only shown as IP addresses here, and the username is not detected (I assume that the AD agent does not monitor for NPS logon events too)
Is it possible to get the MX appliance and the MR wireless to share the user identification details? (without making the MR use a splash screen to request login details from the user a second time!)
They won't share between networks. Because the MX relies on scanning the Security event log on the AD controller to find login events and the IP addresses they come from - and RADIUS does not create these event logs - I don't think you will be able to achieve what you would like.
The closest you would do would be to configure the MX to do splash page login for the BYOD network.
So if I have MR wireless and an MX appliance and want to do BYOD access based on an AD group and identify my users for web browsing then my only option is to have 2 completely separate user logon events!