Configruation CWA for switch MS 210,225,425

SBD-TEC
Just browsing

Configruation CWA for switch MS 210,225,425

Hi all,

I'm having a troubles with the configuration CWA on Switch MS meraki with ISE. I can see live log on ISE that client ready for URL redirect but on device have no display URL or anything. 

8 REPLIES 8
GIdenJoe
Kind of a big deal
Kind of a big deal

I don't recall seeing support for CWA on MS switches.
The only things you can do with MS switches at this time is dot1x, mab and overriding access VLANs.

Since you can't do dacls or filter-ID's on the switches I don't see how they could enforce a redirect.  Maybe the new MS390 will support something like this?

 

There is a splash page feature on the MX if that were the default gateway but that is not really your usecase.

Perhaps a more experienced Meraki dude can give a more thorough response.

Greetings,

Thanks for your reply

I have a document mention about URL redirect of all switch MS, help me check whether MS switch actualy support URL redirect for Center Web Authention?

GIdenJoe
Kind of a big deal
Kind of a big deal

Oh ok, I didn't notice that last part there 😉

do you have a document guide about the configuration for URL CWA on MS switch ?

GIdenJoe
Kind of a big deal
Kind of a big deal

I don't..

From the document you found I can see the URL-redirect AV-pair but I can't see anything about a redirect-ACL so I'm assuming you don't need one.

 

However in ISE I'm not sure if you can leave the field redirect-acl blank.

If not maybe you'll have to add the av-pair manually in the advanced section.

 

I think this is where a Meraki Employee needs to jump in and provide support and guidance 😉

Hi

How long to employee meraki jump in here =))

Hi  @SBD-TEC ,

 

Based on the documentation you have linked the feature should work as described and it seems as you mentioned from the ISE logs the clients should be redirected. You will need to figure out whether the client is then trying to access the redirect URL from thereon, you will need a packet capture on the relevant ports. I highly recommend you reach out to Meraki Support and work with them to answer the above things and they would be more than happy to help you figure out where the break in the flow is so you can get it working as you expect.

 

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels