Meraki MR52 AP's copying list of devices with custom SSID that are whitelisted to other AP's

THub
New here

Meraki MR52 AP's copying list of devices with custom SSID that are whitelisted to other AP's

I have 10 Meraki MR52 AP's that are all installed at different locations.  They are all bound to the same AP Template.  We have a long list of users that we exclude from getting the splash page when they connect to the wireless network.  It looks like if I add all the devices to one of the AP's under Clients, it should populate out to all the other AP's that are bound to that same template, however this is not happening.

 

I tried the Configuration Sync option under Organization, but it won't let me click in the little tabs for the Whitelist and blocked devices we want to copy.  We have over 200 devices that we grant executive access to, don't really want to manually add all of them to every AP, especially when we will have over 80 AP's in the next few months.  In the past we used to 

 

Our old wireless solution was a Cisco Wireless Controller and all we had to do was add a devices MAC or remove a MAC and it would be automatically pushed to all the AP's assigned to that controller.

3 REPLIES 3
PhilipDAth
Kind of a big deal
Kind of a big deal

You need to use RADIUS and assign group policy to make this works.  Ideallu you should be using WPA2-Enterprise mode as well.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_...

You us ethe "FilterId" attribute.

We have WPA-2 Enterprise enabled and are using a Radius server.  Users devices connect fine on our regular guest wifi after they authenticate.  Devices also work on our Exec wifi where they don't have to authenticate at all.  This issue is that we have sites spread through out the state.  Users that have devices on the exec network need to be able to access the wifi at all the locations with Meraki AP without us having to add their device to each AP manually.  I get that we would need to add the device to 1 AP per Template, but there has to be a way for that list to copied to all the other AP's that are bound to that template right?

PhilipDAth
Kind of a big deal
Kind of a big deal

If you have WPA2-Enterprise configured then the exec machines are authenticating - even if it is single sign on using their Windows login name.

 

You just need to create an extra rule on your RADIUS server to match the "Exec" group in AD, and assign the additional FilterId attribute.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels