Guest WIFI user automation

Beagless
Comes here often

Guest WIFI user automation

Hey Meraki Community

Just wondering what other people are doing for guest wifi user automation

 

we're currently looking at the sponsor page to do it but was wondering what other people have used - API's or spalsh page (we need to have the account approved hence sponsor page)

 

thanks 🙂

10 REPLIES 10
timeshimanshu
Getting noticed

That depends @Beagless we trust our guest hence we are using PSK. But sponsor page based authentication can be done with ISE.

kYutobi
Kind of a big deal

Really depends on how you want your guests to access this. You can have either username and password set with Meraki authentication and cycle the passwords from one or many "guests users". Sponsor logins work well too. I even have a network that's OPEN and have fw rules set to DENY ALL. Then I just add a policy to approve who I want. 

Enthusiast
Beagless
Comes here often

have you by any chance used the api for wifi user creation ?

kYutobi
Kind of a big deal

I have not. I'm also not too familiar with API's but there are some experts who mess with it here that can answer that.

 

Enthusiast
Beagless
Comes here often

Is it possible to customize the approval email that's sent,  to say send it to service now to open a ticket

After some consideration, I decided that all "Guests" should use an open isolated VLAN, that only connects to the Internet. Isolated means that Guests are also protected from each other. For the rest of it I really don't want to know, it can only lead to "complications". Personally, I do not connect to public WiFis that try and harvest information about users (they get the MAC, or think they do).

 

Other WIFi users may connect to an appropriate SSID for the local/remote access that user is entitled to. Allowing staff some form of Guest/Public access only encourages them to waste time on social media sites when they should be working.

 

There is nothing to stop genuine guests connecting to the Internet using their MNO service. Staff may be required to leave their personal phones in their locker when working. This isn't necessary in most businesses, but hotels, bars and restaurants tend to have a problem. When I lived abroad, my cleaning-lady (from a former Eastern Bloc nation) used my apartment's WiFi to run an Escort service.

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel


@Uberseehandel wrote:

After some consideration, I decided that all "Guests" should use an open isolated VLAN, that only connects to the Internet. Isolated means that Guests are also protected from each other. For the rest of it I really don't want to know, it can only lead to "complications". Personally, I do not connect to public WiFis that try and harvest information about users (they get the MAC, or think they do).

 

Other WIFi users may connect to an appropriate SSID for the local/remote access that user is entitled to. Allowing staff some form of Guest/Public access only encourages them to waste time on social media sites when they should be working.

 

There is nothing to stop genuine guests connecting to the Internet using their MNO service. Staff may be required to leave their personal phones in their locker when working. This isn't necessary in most businesses, but hotels, bars and restaurants tend to have a problem. When I lived abroad, my cleaning-lady (from a former Eastern Bloc nation) used my apartment's WiFi to run an Escort service.

 

@Uberseehandel OMG YIKES!!!


 

Enthusiast


@kYutobi wrote:

@Uberseehandel wrote:

.When I lived abroad, my cleaning-lady (from a former Eastern Bloc nation) used my apartment's WiFi to run an Escort service.

 

@Uberseehandel OMG YIKES!!!



When one is a Master of the Universe, this is what you have to put up with. It is not necessarily a bad thing, it keeps one in touch with the rest of the world. And based on my experiences elsewhere, it is more common than one might imagine.

;-[]

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
PhilipDAth
Kind of a big deal
Kind of a big deal

Our customers tend to use a range of options:

 

* A simple Meraki click through splash page that only operates during the hours the business is open (a common choice)

* A simple WPA2-PSK

* Using the built in pre-paid billing option in "fast" mode.  Guest don't actually pay anything.  But this lets you pre-print a bunch of codes that you can give out to reception.  The billing functionality allows you to put in restrictions like only allowing a code to be used once, and a duration restriction.  You can also get reception to take a log of who they give them out to if you want this kind of auditing.

* We have a lot of retailers use Splash Access (a third party commercial service).  They offer a lot of analytics and integrations that retailers like.

 

I've mentioned sponsored access many times but no one has got us to set that up yet.  Also Splash Access have a much more powerfull sponsored access solution, and then also have an option to do rotating dailing WPA2-PSK's and a QR code that guests can scan to auto-setup the WiFi on their devices.

Hi Phillip

Thanks for that, very help indeed. I guess i'm looking at 2 options then

 

1. Splash page with sponsor access

2. Sponsored access page

 

do you know can much of the above be automated with the api ?

 

i guess where we are trying to get to is user puts in details then email sent to servicenow, servicenow uses api to approve and emails go back to user and servicenow

 

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels