Meraki

Community

Azure AD authentication on Meraki WiFi

Solved
KevinI
Conversationalist
‎Jun 18 2019 1:18 AM
‎Jun 18 2019 1:18 AM

Azure AD authentication on Meraki WiFi

Hi guys,

 

We are working on moving away from our on-premises AD to Azure AD. Part of our current infrastructure is using RADIUS authentication on our WiFi network, linked to our AD.

 

Seeing as using Azure AD directly isn't an option yet for Meraki, have you guys come up with any solutions for this?

 

I've been reading some posts about using a splash page to authenticate against Azure AD, but nothing specific or with a detailed configuration guide.

 

We don't want to spin up a VM in Azure just for this. I'm guessing we are not only ones facing this issue?

1 Accepted Solution
MikeJ
Meraki Employee
Meraki Employee
‎Aug 7 2025 9:33 AM
‎Aug 7 2025 9:33 AM

Hello everyone! I wanted to chime in here and provide an update on this topic.


Thanks to the latest feature in the Meraki dashboard known as Access Manager, you can sync users from Microsoft Entra ID (formerly Azure AD) for authentication. To learn more, see the following community thread about the feature:

https://community.meraki.com/t5/Feature-Announcements/Meraki-Organization-Users-Page-Now-Generally-A...

View solution in original post

0 Kudos
211 Replies 211
In response to Scratcher9
GIdenJoe
Kind of a big deal
Kind of a big deal
‎Jul 15 2025 7:29 AM
‎Jul 15 2025 7:29 AM

Normally you would use EAP-TLS but even if you were to use EAP-TTLS your credentials are stored in your device.  It is not that you would get a popup each time to enter data.  The client behavior when in your pocket sleeping is up to the device itself.  Does it wake up now and then to keep the session alive?

It might be best to test this and see if you get new assoc requests after waking up.

0 Kudos
In response to GIdenJoe
Scratcher9
Comes here often
‎Jul 15 2025 7:53 AM
‎Jul 15 2025 7:53 AM

Years ago i had a cisco WLC that had a web auth to local users for a SSID.  This didn't work when devices went to sleep, they always had to reauth.

0 Kudos
In response to Scratcher9
Puck
Conversationalist
‎Jul 15 2025 7:36 AM
‎Jul 15 2025 7:36 AM

I have the Splash Login set to 1 week.  Once a device authenticates it is good for 7 days.  My laptop auto connects every morning with no issues.  Same for mobile

0 Kudos
In response to Puck
Scratcher9
Comes here often
‎Jul 15 2025 7:54 AM
‎Jul 15 2025 7:54 AM

Ok thanks for letting me know. 

0 Kudos
In response to jimmyt234
sys-admin
Conversationalist
‎Aug 18 2025 5:18 PM
‎Aug 18 2025 5:18 PM

Has anyone attempted to use this for multiple SSID's? There doesn't seem to be a way to scope users/groups to different SSID's with this method.

0 Kudos
In response to jimmyt234
Puck
Conversationalist
14 hours ago
14 hours ago

Has anyone figured out how to "deauthorize" the Entra Splashpage uses via API.  It seems to not work sinces its not a click-through splashpage.  I can do it from the Portal but we want to make sure everyone has a fresh splashpage timer on Monday morning.

0 Kudos
Pb_matt
New here
‎Jul 15 2025 1:13 PM
‎Jul 15 2025 1:13 PM

I'm having an issue where the 'Sign in with Microsoft' button is not clickable in iOS. Has anyone else experienced this?

0 Kudos
MikeJ
Meraki Employee
Meraki Employee
‎Aug 7 2025 9:33 AM
‎Aug 7 2025 9:33 AM

Hello everyone! I wanted to chime in here and provide an update on this topic.


Thanks to the latest feature in the Meraki dashboard known as Access Manager, you can sync users from Microsoft Entra ID (formerly Azure AD) for authentication. To learn more, see the following community thread about the feature:

https://community.meraki.com/t5/Feature-Announcements/Meraki-Organization-Users-Page-Now-Generally-A...

0 Kudos
In response to MikeJ
Avenir
Here to help
‎Aug 7 2025 9:48 AM
‎Aug 7 2025 9:48 AM

The documentation only mentions settings for VPN authentication using this method.

Will it also work for Wi-Fi authentication? If so, is there a manual or guide available for that setup?

0 Kudos
In response to MikeJ
webbexpert
Here to help
‎Aug 7 2025 10:01 AM
‎Aug 7 2025 10:01 AM

Similar to the other poster. Would it be possible to include the documentation for the GA availability of IDP authorization to Meraki's SSIDs?

 

Syncing users may be topical to user management, but during the BETA, the only requirement was to setup the SSID Access Control w/ Entra's IDP via x509 and walled-garden settings. It had very little, if nothing, to do with identity sync from AD.

 

This thread has a long history of asking for apples and getting oranges 😞

Scratcher9
Comes here often
‎Aug 7 2025 11:20 AM
‎Aug 7 2025 11:20 AM

Is this it?

Access Manager Username/Password Authentication - EAP-TTLS/PAP with Entra ID Lookup - Cisco Meraki D...

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
© 2025 Cisco Systems, Inc.