MR Access Point Integration with FortiGate

Solved
DavideUrsino
Here to help

MR Access Point Integration with FortiGate

Good Morning to all,

 

I have a question reguarding authentication with Firewall FortiGate as Access Control,

 

I would like the FortiGate took over the role of "WiFi controller" and centralized all the client authorization,

 

Is it also possible to tag traffic from clients with VLANs created on Fortigate?                   

 

Thanks in advance for your reply

1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal

You can either use the Tunnel-Private-Group-ID attribute to dynamically specify the VLAN the wireless user should be placed into:

https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_...

 

 

Or you can create a Meraki group policies assigning whatever you want.  Then use the Filter-Id attribute to specify which group policies to assign to whatever users you want.

 

https://documentation.meraki.com/MR/Group_Policies_and_Blacklisting/Using_RADIUS_Attributes_to_Apply... 

View solution in original post

3 Replies 3
cmr
Kind of a big deal
Kind of a big deal

If the Fortigate can be a radius server then you can use it for wireless client authentication.  You can't use it as a full wireless controller as the Meraki cloud is that.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
DavideUrsino
Here to help

Thx for the quick answer.
with the authentication by RADIUS server, the FortiGate will decide only the access but the security policies will be settings on the Meraki cloud or will those on the fortigate be applied?
PhilipDAth
Kind of a big deal
Kind of a big deal

You can either use the Tunnel-Private-Group-ID attribute to dynamically specify the VLAN the wireless user should be placed into:

https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_...

 

 

Or you can create a Meraki group policies assigning whatever you want.  Then use the Filter-Id attribute to specify which group policies to assign to whatever users you want.

 

https://documentation.meraki.com/MR/Group_Policies_and_Blacklisting/Using_RADIUS_Attributes_to_Apply... 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels