I am following this guide to configure self-registered/sponsored guests portal. Splash pages are served by Cisco ISE 2.2. WLAN is comprised of MXs and Meraki APs.
In this guide where it says:
Guest Internet Access Authorization Profile
Select theACCESS_ACCEPToption for Access Type
Check the optional Airspace ACL Name check box, and define the name of a custom group policy configured on the Meraki Dashboard. This example used a group policy namedinternet.
My Question is -- what happens if i don't create a custom group policy on Meraki dashboard? I spoke to Meraki admin, he says they haven't created any custom group policy. I understand this is like an ACL. We have firewalls between Guest subnet and corporate WAN. So, is it still necessary to create this group policy? Will not creating this element break any functionality?
Adding the airspace ACL/group policy is not a requirement after the user is authenticated. The COA sent from ISE will start a new session with the new information. However adding a group policy that only allows access to the internet is a great defense in depth strategy in case something else happens.