One Org Two Networks Same SSID - Same bulding

omshiv
Just browsing

One Org Two Networks Same SSID - Same bulding

Hi There,

A client is looking to create a new Meraki wireless network with some new devices that would only serve a certain area of the building and keep that traffic isolated (originated on the SSID that would be dedicated to that network). it will have its own egress circuit and the dedicated MS and MX devices.  In the other areas they already have an existing Meraki network with its own egress/circuit/switches etc. Both of these networks are going to be a part of the same Meraki Org. They want to extend the existing SSID to the new isolated network which resides in the same building and there might be an overlap, in terms of signals from the access-points from both the networks. Idea is to move freely between the netwoks from the existing network but restrict the flow other way around (second network users will not have the credentials/PSK for the existing network). My questions are:

 

1, Is this technically doable (my guess is yes but I am not a Meraki pro)?

2, If it's technically doable but not recommended, what are the possible issues?

3, What is the alternate solution, if the aforementioned solution is not recommended?

 

I would appreciate any help. Thank you.

8 Replies 8
KarstenI
Kind of a big deal
Kind of a big deal

1) yes

2) it depends

3) One network and the users are dynamically assigned different VLANs. Both VLANs terminate at their own ISP circuits. But the MX-old and MX-new can't be in the same dashboard network. But you could use one MX  (or two in HA) and connect one ISP to WAN1 and one ISP to WAN2 and use flow preferences to steer the traffic to the right ISP.

 

The main problem with your approach is that roaming between these worlds will break the connectivity.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
omshiv
Just browsing

Thank you, Karstenl .... There will not be any physical connectivity between the two networks and that's the desired design (keep the traffic separate for the new network). So, sharing devices or allowing network two traffic to merge with network one will not be possible. It's like existing network users should be able to access the internet services on the new network but not vice versa.

KarstenI
Kind of a big deal
Kind of a big deal

Now I am completely with @DarrenOC ...

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
DarrenOC
Kind of a big deal
Kind of a big deal

I’m so confused…. These statements contradict each other:

 

‘Idea is to move freely between the netwoks from the existing network but restrict the flow other way around (second network users will not have the credentials/PSK for the existing network)’

 

- How will the users from the first network roam freely between both networks if the SSID PSK is different?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
omshiv
Just browsing

Thank you for your response, DarrenOC. Existing SSID and PSK would be the same on both the networks. However, the new network users will not have it configured on their devices. New network will have it's own SSID limited to the new network. Only the existing users should be able to roam freely between both the networks. Hope this clarifies it a little.

DarrenOC
Kind of a big deal
Kind of a big deal

Clear as mud @omshiv 

 

I think what you’re looking to achieve is:

 

- existing users have an SSID configured across both sites so they can roam

 

- new site and users will have a new/separate SSID on their site

 

This is the only way I see it working 

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
omshiv
Just browsing

Thank you for your input.

BlakeRichardson
Kind of a big deal
Kind of a big deal

@DarrenOC You have hit the nail on the head although my head hurts after trying to understand the situation. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels