Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Wifi authentication in k12

zestyorange
New here
‎Jun 29 2020 7:10 AM
‎Jun 29 2020 7:10 AM

Wifi authentication in k12

I work in IT for a small k12 school district where we have installed Meraki APs and switches and have been enjoying the ease of setup since I'm not a networking guru. My boss wants me to start securing the wifi (yes our district's single SSID is OPEN...) with one of our offices that has 12 people and then grow that to cover the entire district. We use gsuite, but have no directory services like RADIUS or Active Directory, and have a separate VLAN for each of the 5 buildings. Also, we are a Mac district with student Chromebooks.

 

We are a small district so going with a big expensive enterprise solution will get shot down. And I need some evidence to prove that we need to go one way or another. He wants it to be as seamless as possible for the users and recommended MAC address filtering with their work devices, but I noticed that Meraki doesn't really have a simple MAC address filtering and I'm reading on forums that it's not that secure anyhow. 

 

I have toyed with the different authentication settings and got Meraki to enable Google authentication for 802.1x, but it requires a profile to be installed on all macOS and iOS devices first. I guess I'm looking for the perfect answer that probably doesn't exist. Does anybody have any experience with a setup like this? 


Thanks

 

 

Subscribe
4 Replies 4
Network-dad
A model citizen
‎Jun 29 2020 10:02 AM
‎Jun 29 2020 10:02 AM

@kYutobi do you have any suggestions? 

Dakota Snow | Network-dad Linkdedin
CMNO | A+ | ECMS2
Check out The Bearded I.T. Dad onThe Bearded I.T. DadThe Bearded I.T. Dad
0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jun 29 2020 11:53 AM
‎Jun 29 2020 11:53 AM

Trusted Access has your name written all over it.

https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Trusted_Access_for_S... 

 

You need Meraki Systems manager licences for this.  On your scale, the cost is low.

0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jun 29 2020 11:55 AM
‎Jun 29 2020 11:55 AM

Splash Access also has a pretty cool system.

https://www.splashaccess.com/splashaccess-education-campus/ 

 

They have an integration with Google.  Typically you send students to the portal, they enroll their own device, and you get to control the access.

0 Kudos
Subscribe
In response to PhilipDAth
BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Jun 29 2020 3:23 PM
‎Jun 29 2020 3:23 PM

@zestyorange if you don't have any form of directory service I would recommend Jumpcloud. You could then setup RADIUS authentication using this service.

 

Your current setup is very insecure, I am surprised your school district allows open networks. Good luck and keep us updated on what you decide to use and how you get on. 

btr.net.nz
0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.