Meraki

Community

Meraki Entra ID - with conditional access

GavinMcMenemy
Building a reputation
‎Oct 3 2025 3:34 AM
‎Oct 3 2025 3:34 AM

Meraki Entra ID - with conditional access

I've been playing with the entra id splash page login. This is good as it means we can offload a certain amount of our security to a process we and our already already use. And we wouldn't need to push a wifi profile with a set password.
I've noticed a limitation and I can't decide on the best way forward - users can sign up personal devices without issue.

We would like to bar users from signing in with their own devices (ie personal laptops, mobile phones) and I can't see a way to do this. Users should use a separate guest network for personal devices.

 

  • From Meraki we have:
    • MR enterprise licensing and an MX (plus switching) but we're not using SM.
  • From Microsoft we have
    • Office 365 E5 with mobility and security
    • Entra ID P2 licenses.

In other words I have Intune, Full Entra with Conditional access.

I'm just wondering what others have done. Did you use a Conditional Access policy? And if so how did you set that up?

Labels:
0 Kudos
4 Replies 4
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 5 2025 12:18 PM
‎Oct 5 2025 12:18 PM

What happens if you create a conditional access policy to limit access to authorised devices?

0 Kudos
In response to PhilipDAth
GavinMcMenemy
Building a reputation
‎Oct 8 2025 3:45 AM
‎Oct 8 2025 3:45 AM

That's the question. HOW do I do that I do that using this splash page? 

I've been looking around and it seems I would need to deploy a local radius server and use access manager. But 1. Access Manager is in preview and 2. it is VERY clear cisco plan to charge for it.

0 Kudos
In response to GavinMcMenemy
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 8 2025 11:12 AM
‎Oct 8 2025 11:12 AM

In the Conditional Access policy, match the application that gets created.

0 Kudos
GavinMcMenemy
Building a reputation
‎Oct 7 2025 7:42 AM
‎Oct 7 2025 7:42 AM

 

I'm looking at this for example. 

what I want is for my users to be able to bring their laptop into the office, and find themselves connected without too much effort. 
I have all this nifty conditional access policy and MFA capability but there doesn't seem to be a straightforward way to implement it, to control who gets access to my wifi network. 

Sure I can push a standard wifi password like it's the 90s but I was wondering if it was possible to be more slick

https://learn.microsoft.com/en-us/entra/identity/conditional-access/concept-assignment-network

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
© 2025 Cisco Systems, Inc.