Pros/cons with using Enterprise Meraki Cloud Authentication for SSID access

DennisS
Here to help

Pros/cons with using Enterprise Meraki Cloud Authentication for SSID access

Hi,

 

As the subject states, are there limitations/pitfalls to using Meraki Cloud Authentication to manage SSID access? User credential mgmt. looks forward but curious:

 

  • Are there limitation on the number of credentials that can be created?
  • There doesn't seem to be a way to perform a bulk add?
  • Is there a Marketplace app that's better?

 

Thanks

6 Replies 6
PhilipDAth
Kind of a big deal
Kind of a big deal

Could we take a step back first - what are you trying to achieve?  What is it that you are wanting to do?

 

Is this guest WiFi, student accommodation, IoT device access, motel accommodation, ?

DennisS
Here to help

We're looking to manage corporate employee & guest (captive portal) WIFI access.  We're doing this today via ISE a) it's kludgy and b) we may be moving away from ISE altogether.  Corporate users are simply looking for the "hotel" experience where they connect, enter a userid & password and they're in.

PhilipDAth
Kind of a big deal
Kind of a big deal

Take a look at Splash Access (a paid for third-party solution).

https://www.splashaccess.com/ 

 

If you have Office 365, users can onboard their own devices using those credentials.  Everything is cloud-based.

 

 

If you have Active Directory, you could also consider authenticating against that using Microsoft NPS (free).  It's like using ISE, but is included in Windows Server.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_... 

Brash
Kind of a big deal
Kind of a big deal

AS @PhilipDAth wrote, if you're using MS Active Directory for employee identity management, NPS is fairly easy to get going and is free. It's not the most pretty or featureful but it does the job.

 

As for guests, it depends on the user experience and the process you want to implement. Are guests onboarded temporarily into AD? Does someone have to approve their access (Eg. Sponsored guest)? Or do you simply want a click through portal (in which case the Meraki basic splash, or a third party solution such as SplashAccess might help).

DennisS
Here to help

No, guests are simply provided pre-printed credentials for the captive portal which is more than adequate. The challenge is managing corporate user WIFI experience against compliance requirements, because of this, we'll likely continue using ISE.

KarstenI
Kind of a big deal
Kind of a big deal

I would keep the ISE and do 802.1X with it instead of using NPS, as the NPS is a PITA.

Meraki Cloud Authentication, I think it is strong for BYOD, but today I try not to use it for corporate users.

Important is that you do Enterprise authentication for corporate access instead of Personal (with a Passphrase).

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels