hi Meraki warriors,
I would like to know if there is any way to limit an SSID to allow only 2 devices only, perhaps not manually, something similar to ISE
but in essence, lets say I have one user in our Corp SSID, but that use can use as many devices he can have and there is no limitation,
We have ISE but the current version is obsolete and it does not have that feature, we tried via certificates but when it came the Chromebook world to play, the previous guy in charge override in some way that, to bypass the certs and now any user with any PC not being in the domain can join the corp as long as they have the right credentials for sure,
So Im looking a solution that will enable me to limit the devices per user, now that we are not using ISE
any ideas?
Configure the SSID to use WPA2-Enterprise mode and Meraki Authentication. Create accounts for just the two users and authorise them for the SSID.
Check out FreeRadius.
Microsoft NPS (part of Windows Server) is very popular as well. Nowhere near as sophisticated as Cisco ISE, but the price is good.
If you are replacing or retiring ISE, then RADIUS of some sort is going to be your best bet.
Map out a few more requirements however, that might help you in choosing your RADIUS provider. Are you looking to offer any MFA on your services (VPN for example?). We have had some issues with VPN MFA and Microsoft NPS, the claim not going the entire way through. Solution ended up being Cisco Duo as the MFA.
Yeah with the built-in functionality you can't limit the number of simultaneous logins with an account. It's either "unlimited" or one.
For that you'd need an external RADIUS server.
You may look into JumpCloud also
Check out Meraki Trusted Access.