Set per-SSID device policies through API

GregD
Here to help


I have both an "Employee" and "Guest" SSID in all our branches.  The "Employee" SSID does RADIUS auth for access, whereas the Guest SSID just redirects to a splash page.  Management would like to prohibit all corporate-owned laptops and mobile phones from joining the Guest network.  In the dashboard, I can just set per-SSID policies and deny access to the Guest, but I can't seem to find a way to do that in the API.  I'm trying to write a script that will grab the wireless MACs from our inventory and MDM system and push them into all the wireless networks out there.

3 Replies
NolanHerring
Kind of a big deal

Only option I see via API is to update group policy assigned to a single device on a specific network.

{{baseUrl}}/networks/{{networkId}}/clients/{{clientMac}}/policy?timespan=2592000

{
  "devicePolicy": "group",
  "groupPolicyId": 102
}

I honestly think it would be easier to do this via the dashboard. Show only the corp SSID for the past 30 days, and just select all the corp devices on the client list view and change the policy to different policies by SSID and block them from guest.

Nolan Herring | nolanwifi.com

Definitely do this via the dashboard.

First bring up a list of all the clients on the employee SSID, and select them all.

Then apply a group policy noting to block access to your guest SSID.

You should be finished in about half a dozen mouse clicks.

Yeah that's what I'm coming up with.  I can get the MAC addresses easy enough, but there are 16 wireless networks (one per branch) and doing the copy-paste routine every time we add a laptop or mobile will get old quickly 🙂

At least I can use my script to gather the list of MAC addresses, and cut down on that bit of information gathering.
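
Added example (not part of any post in this thread, and not Meraki's code): a Python dry run that merges the MAC lists from inventory and MDM, rejects malformed entries, and builds the per-client policy call quoted in the first reply for every network. The HTTP method (PUT), the base URL placeholder, the `MERAKI_API_KEY` variable name and the sample IDs are assumptions; the group policy that blocks the Guest SSID is assumed to exist already in each network.

```python
import json
import os
import re
from urllib.parse import quote
from urllib.request import Request

BASE_URL = "https://api.example.invalid/api/v0"  # placeholder for {{baseUrl}}
TIMESPAN = 2592000  # 30 days, the timespan used in the reply's URL

def normalize_mac(raw):
    """Return aa:bb:cc:dd:ee:ff, or None if raw is not a 48-bit MAC."""
    digits = re.sub(r"[\s:.\-]", "", raw).lower()
    if not re.fullmatch(r"[0-9a-f]{12}", digits):
        return None
    return ":".join(digits[i:i + 2] for i in range(0, 12, 2))

def merge_macs(*sources):
    """Merge MAC lists from several systems into (sorted unique, rejected)."""
    good, rejected = set(), []
    for source in sources:
        for raw in source:
            mac = normalize_mac(raw)
            if mac:
                good.add(mac)
            else:
                rejected.append(raw)  # surface bad records instead of pushing them
    return sorted(good), rejected

def build_requests(policy_by_network, macs, api_key, method="PUT"):
    """Build one unsent Request per (network, MAC); the method is an assumption."""
    headers = {"X-Cisco-Meraki-API-Key": api_key, "Content-Type": "application/json"}
    plan = []
    for network_id, group_policy_id in policy_by_network.items():
        body = json.dumps({"devicePolicy": "group", "groupPolicyId": group_policy_id})
        for mac in macs:
            url = (f"{BASE_URL}/networks/{quote(network_id, safe='')}"
                   f"/clients/{mac}/policy?timespan={TIMESPAN}")
            plan.append(Request(url, data=body.encode(), headers=headers, method=method))
    return plan

if __name__ == "__main__":
    inventory = ["AA-BB-CC-00-11-22", "aabb.cc00.1133"]  # constructed sample data
    mdm = ["aa:bb:cc:00:11:22", "unknown"]               # constructed sample data
    networks = {"N_0001": 102, "N_0002": 102}            # constructed network -> policy IDs
    macs, rejected = merge_macs(inventory, mdm)
    key = os.environ.get("MERAKI_API_KEY", "")           # hypothetical variable name
    for req in build_requests(networks, macs, key):
        print(req.get_method(), req.full_url)            # dry run: nothing is sent
    print("rejected:", rejected)
```

The script only prints the planned calls; each `Request` can be passed to `urllib.request.urlopen` once the dry-run output has been reviewed.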
