Users are unable to connect to Hotel WIFI/DELTA WIFI with Always on VPN setting

rhamersley
Getting noticed

In our company we have employees that travel, and currently in our users' XML profile (Cisco Secure Client) we have everyone configured with "Always on VPN" set. This affects all our users trying to connect to hotel WiFi and airline WiFi access. They are unable to because they can't establish the Internet access to start the VPN process.

I am trying to check with the Meraki community here on what is the most secure setting for our users with the "Always on VPN" feature configured in our environment.

What is the most secure Captive Portal XML configuration to use? We rely heavily on the highest secure settings and cannot compromise our data, and would like to get some ideas or screenshots from what other companies are allowing access to hotel WiFi and plane hotspots with the "Always On VPN" feature enabled.

alemabrahao
Kind of a big deal

You had already opened another discussion about this and did not answer any of the questions.

https://community.meraki.com/t5/Security-SD-WAN/Users-unable-to-VPN-into-our-network-using-Planes-Ho...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
PhilipDAth
Kind of a big deal

You are not likely to find a 100% solution to this.

Check out this captive portal troubleshooting guide by Cisco:

https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/118086-technot...
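
The Always-On and captive-portal settings asked about in this thread sit under the profile's `AlwaysOn` element. As an added example (not posted by anyone in the thread and not Cisco's code), this Python check reads a profile and reports how it treats captive portals. The element names follow the Cisco Secure Client (AnyConnect) profile schema; the sample profile and the helper name `audit_always_on` are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Namespace used by AnyConnect / Cisco Secure Client VPN profiles.
NS = {"ac": "http://schemas.xmlsoap.org/encoding/"}

# Constructed sample profile fragment (not taken from the thread).
SAMPLE_PROFILE = """<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
  <ClientInitialization>
    <AutomaticVPNPolicy>true
      <AlwaysOn>true
        <ConnectFailurePolicy>Closed
          <AllowCaptivePortalRemediation>false</AllowCaptivePortalRemediation>
        </ConnectFailurePolicy>
        <AllowVPNDisconnect>false</AllowVPNDisconnect>
      </AlwaysOn>
    </AutomaticVPNPolicy>
  </ClientInitialization>
</AnyConnectProfile>"""


def _value(element):
    """Leading text of an element, lower-cased; None if the element is absent."""
    if element is None:
        return None
    return (element.text or "").strip().lower()


def audit_always_on(profile_xml):
    """Hypothetical helper: summarise Always-On and captive-portal settings."""
    always_on = ET.fromstring(profile_xml).find(".//ac:AlwaysOn", NS)
    if _value(always_on) != "true":
        return {"always_on": False, "findings": ["Always-On is not enabled"]}
    policy = _value(always_on.find("ac:ConnectFailurePolicy", NS))
    remediation = always_on.find(".//ac:AllowCaptivePortalRemediation", NS)
    timeout = always_on.find(".//ac:CaptivePortalRemediationTimeout", NS)
    result = {"always_on": True, "fail_policy": policy,
              "portal_remediation": _value(remediation) == "true",
              "remediation_timeout": _value(timeout), "findings": []}
    if policy == "open":
        result["findings"].append("fail-open: traffic is unrestricted when the VPN cannot connect")
    elif not result["portal_remediation"]:
        # Assumption: a missing ConnectFailurePolicy element is treated as fail-closed.
        result["findings"].append("captive portal remediation off: portal pages are blocked before the VPN is up")
    elif result["remediation_timeout"] is None:
        result["findings"].append("remediation allowed but no timeout element set")
    return result


if __name__ == "__main__":
    print(audit_always_on(SAMPLE_PROFILE))
```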

 

PhilipDAth
Kind of a big deal

Going sideways - but what if, instead of using AlwaysOn, you go the zero trust route?

PhilipDAth
Kind of a big deal

Or full-on SASE with Cisco Secure Connect?

https://documentation.meraki.com/CiscoPlusSecureConnect

rhamersley
Getting noticed

Philip... I do like the full-on SASE with Cisco Secure Connect. Have you deployed this? Since I have 5 network locations across the USA as a hub-spoke connection, I was curious if I could test the full-on SASE with Cisco Secure Connect in one location as a test bed, or is it a turn-on-for-all-locations type of setup?

How hard is the full-on SASE with Cisco Secure Connect configuration to deploy?

What kind of licenses would I need additionally if I do?

We currently have Cisco Secure Client on all our workstations. Does this configuration require another endpoint software to be deployed?

Philip...

Answered this question myself...

We currently have Cisco Secure Client on all our workstations. Does this configuration require another endpoint software to be deployed?

Looks like we can still utilize the Cisco Secure Client (that we are using now) or we could use a browser on the user's workstation.

If you have experience with deploying this configuration, what suggestion would you recommend, or is one setup/configuration more extensive than the other?

Looks like our company will deploy this full-on SASE with Cisco Secure Connect, and I would like to document what the steps are so I can actually upload it to the Meraki Community for other users to be able to read, so they do not have to bombard people like you who answer all our sometimes "dumb" questions... LOL

I have not deployed the full Meraki+Umbrella SASE solution. I have requested pricing for 5 licences so I can buy it and have a play ...

It does use Cisco Secure Client and the Umbrella module contained in it. You could use Cisco Secure Client like you do now - but a lot of things would no longer need it.

rhamersley
Getting noticed

Also I probably would create a new topic here in the Meraki Community referring to the Configuration of Full-On SASE with Cisco Secure Connect.
