Meraki

Cyrus777 · ‎May 28 2024

Hello.

I am having a hard time to figure out some issues that I have with BYOD single SSID setup for Meraki network on ISE. I have followed this document and video to configure BYOD for our org. I get to the point that I can login with AD user/password and pass the PEAP (EAP-MSCHAPv2) authentication. from this point on Windows devices I get the redirect URL to my ISE and download the NSA successfully but when I try to install the NSA I get an error for untrusted cert and I continue but it fails eventually.

For Mac OS ad iOS (iPhone) I download the cert but it doesn't move to next policy to eap-tls. Image (15).jpg Image (14).jpg

I'm allowing all traffics to ISE / DNS and other required webpages on walled garden on Meraki access control page for this SSID.

alemabrahao · ‎May 28 2024

Take a look at this document.

https://community.cisco.com/t5/security-knowledge-base/how-to-integrate-meraki-networks-with-ise/ta-...

Search for BYOD.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Cyrus777 · ‎May 28 2024

this doc is not helpful!

alemabrahao · ‎May 28 2024

This documentation is for you to review your settings.

I also suggest that you check the ISE logs to try to find any errors, as well as a packet capture.

And finally I suggest you open a support case.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Meraki

Community

BYOD setup for Meraki single SSID on ISE

BYOD setup for Meraki single SSID on ISE