Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

apply policy group to a vlan that does not live in MX

EnriquePeSa
Here to help
‎Jun 29 2023 5:41 PM
‎Jun 29 2023 5:41 PM

apply policy group to a vlan that does not live in MX

hello community!

 

I have a meraki MX where the SVIs of my LAN live and without problem I can create and assign a policy group per VLAN, now I need to download all the vlans to a switch core (meraki) but I cannot assign the policy group to the vlan, it exists any settings to fix it?

0 Kudos
Subscribe
5 Replies 5
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jun 29 2023 6:23 PM
‎Jun 29 2023 6:23 PM

You can apply group policy per VLAN using a Radius server.

 

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Creating_and_Applying...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jun 29 2023 8:58 PM
‎Jun 29 2023 8:58 PM

If you mean, you need to make a Meraki switch the layer 3 core - then no you can't do group policy on the switch per VLAN.  In fact, most group policy functionality is lost in this case.

0 Kudos
Subscribe
Maumarti
Meraki Employee
Meraki Employee
‎Jan 20 2024 9:59 AM
‎Jan 20 2024 9:59 AM

Thinking you may be speaking of this topology, and if you set the client tracking by IP in that MX-only network, it should be possible for you to manually assign group policies by client IP

 

Alternative that is more automated could be MX Active Directory integration.

0 Kudos
Subscribe
In response to Maumarti
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 21 2024 10:49 AM
‎Jan 21 2024 10:49 AM

>if you set the client tracking by IP in that MX-only network, it should be possible for you to manually assign group policies by client IP

 

Negative.  "tracking by IP" only affects reporting (such as the clients page) and nothing else.  You can only attach group policies to a client when the client uses the MX as its default gateway (it must be layer 2 adjacent).

 

Group policies are always attached to a MAC address.

0 Kudos
Subscribe
In response to PhilipDAth
Maumarti
Meraki Employee
Meraki Employee
‎Jan 22 2024 7:56 AM
‎Jan 22 2024 7:56 AM

AH, it was kind of the back of my mind, but completely forgot. Thanks for the reminder, PhilipDAth! The power of the community! I stand corrected.

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.