cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Meraki Authentication - Limit per device amount of email addresses to sign up

Conversationalist

Meraki Authentication - Limit per device amount of email addresses to sign up

I've looked around the Meraki documentation but can't find such a simple solution to prevent users from a single device (probably just based on mac address) who try to sign up to a guest network using Meraki Authentication with multiple spoofed email addresses.

 

The captive portal blocks all access until the sign-on is complete but Meraki allows the user internet access for the first 10 minutes by default so that the user can validate their email address and gain access. Although after 10 minutes, the user can just try to sign-up again with another email address and is provided another 10 minutes of access and further more.

 

Is there not an ability to only allow a single device to sign-up to the portal once or twice and then permanently block that device for a period of time preventing the user from gaining 10 minutes of free internet everytime they sign up? It sounds like a simple feature that Meraki should of implemented but I suppose they are extremely limited in features and miss the obvious features like this...

 

p.s Just to confirm, I'm not talking about the feature simultaneous logins (eg. limit logins to one device at a time)

2 REPLIES 2
Kind of a big deal

Re: Meraki Authentication - Limit per device amount of email addresses to sign up

You might be better off using sponsored guest mode so that an internal staff member has to approve the access.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Sponsored_Guest 

 

Otherwise you'll need to use a commercial splash provide such as splash access.  They have additional systems checks to mitigate these issues further.

https://www.splashaccess.com/

Conversationalist

Re: Meraki Authentication - Limit per device amount of email addresses to sign up

Yeah I think the customer would like to not manually intervene. Meraki officially got back to me and said this isn't supported. I'll look into the splash access and see if that is a viable solution.

 

Many thanks 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.