Meraki

DavideUrsino · ‎Mar 16 2020

Good Morning to all,

I have a question reguarding authentication with Firewall FortiGate as Access Control,

I would like the FortiGate took over the role of "WiFi controller" and centralized all the client authorization,

Is it also possible to tag traffic from clients with VLANs created on Fortigate?

Thanks in advance for your reply

PhilipDAth · ‎Mar 16 2020

You can either use the Tunnel-Private-Group-ID attribute to dynamically specify the VLAN the wireless user should be placed into:

https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_...

Or you can create a Meraki group policies assigning whatever you want. Then use the Filter-Id attribute to specify which group policies to assign to whatever users you want.

https://documentation.meraki.com/MR/Group_Policies_and_Blacklisting/Using_RADIUS_Attributes_to_Apply...

View solution in original post

cmr · ‎Mar 16 2020

If the Fortigate can be a radius server then you can use it for wireless client authentication. You can't use it as a full wireless controller as the Meraki cloud is that.

If my answer solves your problem please click Accept as Solution so others can benefit from it.

DavideUrsino · ‎Mar 16 2020

Thx for the quick answer.
with the authentication by RADIUS server, the FortiGate will decide only the access but the security policies will be settings on the Meraki cloud or will those on the fortigate be applied?

PhilipDAth · ‎Mar 16 2020