Meraki

MichelRueger · ‎Jul 26 2018

Hi all,

I have around 50 Meraki Access Point but no MX.

We have a Microsoft Active directory Server.

We have 1 SSID (Welcome) and we have 3 different VLAN's. Now I want that if you connect to the Wireless you get a Splash page witch ask for Login and password and if you login with a Studen User Account (AD group Student) you will be put in VLAN 100, if you use a Teacher User Account (AD group Teacher) you will be put in Vlan 200 and if you use a Login from a internal User you will be put in VLAN 300.

IS this posible and if yes how? I checked all possible Meraki doku but didn't found something.

Thanks for any Help

Michel Rueger

ww · ‎Jul 26 2018

should work with radius if i read this https://community.meraki.com/t5/Wireless-LAN/Radius-VLAN-push-and-override-and-policy-attribution/td...

I only tested vlan override this way https://documentation.meraki.com/MR/Client_Addressing_and_Bridging/Tagging_Client_VLANs_with_RADIUS_...

PhilipDAth · ‎Jul 26 2018

@ww is right about using RADIUS. The solution works better if you use WPA2 Enterprise mode.

With a splash page if you drop them into a new vlan there is nothing to tell the client to release their existing IP address and ask for a new one.

Also note got can push per user group policy, and have different firewall rules based on who the user is. This does work nicely with a splash page.

Fady · ‎Aug 12 2018

Hi

I have created video to show step by step guide that you can view below

https://www.youtube.com/watch?v=mMSSfy_mIlQ&t=646s

https://www.youtube.com/watch?v=TQNgh5m5ehU

Meraki

Community

Active directory Group policy User authentication into different Vlan's

Active directory Group policy User authentication into different Vlan's