cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Office 365 authentication on Meraki WiFi

Highlighted
Comes here often

Office 365 authentication on Meraki WiFi

Hello people.

 

I am a student of the University of Guayaquil, Ecuador.

I am proposing to carry out a project so that the students of my university can authenticate through the office 365 using Meraki Wifi.

 

Is it possible to integrate Meraki Wifi with Office 365 (Azure AD)?

 

If this is not possible, is it possible to virtualize a Radius Server that integrates with Azure AD and in turn integrate Meraki Wifi with my virtualized Radius Server?

 

Beforehand thank you very much.

12 REPLIES 12
Highlighted
Getting noticed

Re: Office 365 authentication on Meraki WiFi

Meraki doesn't support authentication with Azure AD directly for now.
But you can use intermediate NPS server which joined to Azure AD.

It seems your university uses MS Azure, so I think that create Windows server that runs NPS service as VM will do the trick.
Highlighted
Kind of a big deal

Re: Office 365 authentication on Meraki WiFi

I don't think it is a great solution but you could look at JumpCloud as well.

https://jumpcloud.com/blog/radius-authentication-microsoft-office-365/ 

Highlighted
Kind of a big deal

Re: Office 365 authentication on Meraki WiFi

I would start with trying Windows' NPS as well. If you can get an NPS server to talk with Azure AD, then it should be relatively simple to setup 802.11x. Meraki has good instructions.

 

Make sure you get a certificate with a reasonable life span. We have had "mysterious" wifi authentication problems that boiled down to expired certificates on our NPS servers. 🙂

Highlighted
Comes here often

Re: Office 365 authentication on Meraki WiFi

@PhilipDAth - thanks for mentioning us. @GuillermoLazo, As Philip indicates, JumpCloud can act as the cloud-based RADIUS service to connect/bind your Office 365 (or Google) accounts to WiFi and VPN equipment, like Cisco Meraki WAPs and switches. We service a number of organizations who have this similar use case and we'd be happy to work with you to see if we can help.

Highlighted
Getting noticed

Re: Office 365 authentication on Meraki WiFi

It is possible via different options. Go for NPS or Tekradius on Windows platform if you are familiar with it or even Freeradius on Linux. We've been running Tekradius on Windows Server and Freeradius on CentOS for the last 3 years or so without any problems whatsoever.
Highlighted
Comes here often

Re: Office 365 authentication on Meraki WiFi


I think it's a good solution, but is there a free temporary license to be able to take a proof of concept?
Highlighted
Comes here often

Re: Office 365 authentication on Meraki WiFi


It seems like a good solution. Is there any video tutorial of the integration? Or would I only need the public ip of the office 365 of my university to be able to perform the integration?
Highlighted
Getting noticed

Re: Office 365 authentication on Meraki WiFi

I'm afraid we don't have any setup documentation left, even if we did it would be outdated by now.

Look at O365 licensing first. If you University is licensed for Azure AD Premium or Azure AD Basic + MFA than by all means go for NPS option: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension That comes with MFA capabilities as well.

If University has Azure AD Basic license only (like we do), then you need to be more creative. Tekradius + Windows Server is arguably the easiest way to do it. Note that Tekradius is not free. Freeradius on Linux is not beginner friendly, if you haven't touched Linux before, don't bother.

Regardless of the choice you will need to spin up a few VMs is Azure. I haven't touched NPS options myself, but if memory serves TekRadius and FreeRadius couldn't handle more than 30 auth requests per second, so depending on your user base you may want to budget for this accordingly. With our 1000+ users and 30 days WiFi auth validity we make do with two VMs which costs us about $50 a month.
Highlighted
New here

Re: Office 365 authentication on Meraki WiFi

TekRADIUS has a free operation mode and can handle 200+ authentication requests per second with proper hardware configuration.

Highlighted
Comes here often

Re: Office 365 authentication on Meraki WiFi

JumpCloud offers your first 10 users/machines free access, forever - https://console.jumpcloud.com/signup
Highlighted
Conversationalist

Re: Office 365 authentication on Meraki WiFi

Hi,

 

The only way to join a NPS server to the Azure AD is through AADS (Azure AD Domain Services)

Because this is a managed AD there are some limitations.

 

- You cannot register the NPS server in the AD, this only breaks the integration with the dial-in properties tab of the user. So you can ignore this one.

- Single sign-on will not work from on-premise domain joined devices, i tried to fix it with re-write rules in the NPS because the Azure AD will use the UPN and the on-prem netbiosdomainname\u.name. This also didn't work.

 

https://cloudinfrastructureservices.co.uk/how-to-setup-radius-server-2016-in-azure-for-wireless-auth...

 

@PhilipDAth suggested JumpCloud, maybe that worth to look at. But it replaces your Azure AD

Comes here often

Re: Office 365 authentication on Meraki WiFi

Just a little clarification... JumpCloud doesn't "replace" Azure AD as that is the substrate for Office 365 (and Azure user management). What we do is integrate with Azure AD so that you can provision / manage Azure AD identities, but also use that same identity for Merkai WiFi, systems, applications, etc.
 
You can always try the platform for free or just drop us a note and we are happy to run through a demo and/or answer any questions. You can reach us at support@jumpcloud.com.
 
Happy Holidays! 
 
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.