Meraki

Community

Meraki Group Policy Per SSID

Adoos
Building a reputation
4 weeks ago
4 weeks ago

Meraki Group Policy Per SSID

I've created a Contractor SSID which is tunnelled back to a concentrator with a VLAN tag.

 

We are testing Meraki radius for the clients, is there a way to automatically apply a group policy to a client when they are auth to the network? 

 

Previous we use ISE radius and Meraki group policy is added during the process.

Labels:
0 Kudos
7 Replies 7
alemabrahao
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

You can use other attributes like Class or Tunnel-Private-Group-ID, but Filter-Id is the most common and supported one.

 

Using RADIUS Attributes to Apply Group Policies - Cisco Meraki Documentation

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Adoos
Building a reputation
4 weeks ago
4 weeks ago

I don't think that is available with the current SSID settings enabled, 

 

We are using Meraki cloud auth so no radius option. 

 

Adoos_0-1759956694044.png

 

0 Kudos
In response to Adoos
alemabrahao
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

It is only available when using 802.1x, for Open authentication it is not possible.

 

 

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to Adoos
alemabrahao
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

Oh, but without a Radius server or Access Manager, it won't work.

Why aren't you using ISE anymore?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Mloraditch
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

Do you mean using meraki logins? If so I don't believe that is  possible, you need an external radius server like ISE. 

This should work with Meraki Access Manager if you wanted to give that a whirl, but pricing/licensing requirements still have not been released.

https://documentation.meraki.com/Access_Manager


If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
In response to Mloraditch
Adoos
Building a reputation
4 weeks ago
4 weeks ago

Yes using Meraki cloud radius, we will try out the device type that may cover our testing for now. 

0 Kudos
In response to Adoos
TBHPTL
Head in the Cloud
2 weeks ago
2 weeks ago

If you are using  Meraki 802.1x why not create user accounts within Dashboard and assign them only to the "contractor" zone./subnet on a dedicated egress and the you can apply the group policy on that interface by default.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
© 2025 Cisco Systems, Inc.