Hello, I'm evaluating going Meraki from an ASA for perimeter security at some locations, and the only two potential hangups I'm having are:
1. Does the Client VPN configuration support dynamic Group Policy / Access based on RADIUS Group attributes (like MS250 Access Policies for switchport security)?
2. Is there any consideration by Meraki of future support for LDAP-s AUTH across the board? That's what I use heavily today for Authentication and Authorization, but it doesn't appear Meraki supports LDAP at all.
When you setup the client VPN option using Active Directory it does use LDAPS.
I don't think you can apply dynamic group policy to users VPNing in.
I have never attempted it - but you may be able to do something for users that have an MDM agent installed onto their machine, and using a dynamic tag to assign policy.
Thanks for the response. Unfortunately, by our customer security requirements, we can't use AD. We're a total Linux, MacOS shop. We use FreeIPA. We use Aruba WiFi since it supports PMKID and LDAP-s, but Meraki WiFi had not at the time (maybe still doesn't).
I'll keep digging. Surely Meraki has some answer to this outside Windows. Thanks again!!