- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Group Policies do not apply to IOS devices
I am trying to make a rule that sends all IOS devices to a seperate VLAN On my corporate network. The problem is when I assign "Group Policies by Device Type" the Meraki does not seem to be able to recognize and apply policy to IOS devices.
So lets just say I wanted to block iPhones from connecting to an SSID all together. I can't even do that right now.
Is there any timeline as to when this may be fixed?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
the device type thing doesn’t work… don’t rely on it. If you want a specific device on a specific VLAN use the iPSK function. You could also use another SSID but don’t use too many or you’ll cause other issues.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
it is looking like I got this to work by just switching back to the old dashboard view and saving again,
i will try to replicate in another environment and reply back with my results!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
NVM, It was just working Intermittently. Is the IPSK function the way to go here? Probably need Cisco ISE. Weird they offer the whole "Policy by Device Type" portion if it really does not work at all
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Some clients may misidentify themselves when specifying the User-Agent string field of an HTTP GET request. Device type policy enforcement is done on a best-effort basis, dependent upon the information that the client provides. When needing to enforce security-focused policies based on device type, please leverage solutions such as Meraki Systems Manager, or Cisco ISE.
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think I got this to work just by switching back to the old dashboard view and saving again,
i will try to replicate in another environment and reply back with my results!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I just got lucky when it worked a couple times. It does not work consistently 😞.
I do have Meraki SM, but wouldn't I need an agent on all devices that came into the building? I want to block all iPhone's from corp WIFI, these are personal devices so I couldn't put an agent on them. With Meraki SM can I do this?
I feel like what I am trying to accomplish may only be possible with ISE.
Does Meraki have any intention of making "Group Policies by Device Type" actually work? I guess that would go against their own dollar doing that.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, to use SM you need to install the agent on each device.
Please, if this post was useful, leave your kudos and mark it as solved.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Nvm. I think this works now I switched back to old dashboard view. Will circle back once I have replicated this in multiple environments
![](/skins/images/7B34708A1980CF5E136B7318F0CE9B4A/responsive_peak/images/icon_anonymous_message.png)