Meraki

Community

Pros/cons with using Enterprise Meraki Cloud Authentication for SSID access

DennisS
Here to help
‎Aug 24 2023 1:59 PM
‎Aug 24 2023 1:59 PM

Pros/cons with using Enterprise Meraki Cloud Authentication for SSID access

Hi,

 

As the subject states, are there limitations/pitfalls to using Meraki Cloud Authentication to manage SSID access? User credential mgmt. looks forward but curious:

 

  • Are there limitation on the number of credentials that can be created?
  • There doesn't seem to be a way to perform a bulk add?
  • Is there a Marketplace app that's better?

 

Thanks

0 Kudos
6 Replies 6
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Aug 24 2023 2:03 PM
‎Aug 24 2023 2:03 PM

Could we take a step back first - what are you trying to achieve?  What is it that you are wanting to do?

 

Is this guest WiFi, student accommodation, IoT device access, motel accommodation, ?

0 Kudos
In response to PhilipDAth
DennisS
Here to help
‎Aug 24 2023 2:30 PM
‎Aug 24 2023 2:30 PM

We're looking to manage corporate employee & guest (captive portal) WIFI access.  We're doing this today via ISE a) it's kludgy and b) we may be moving away from ISE altogether.  Corporate users are simply looking for the "hotel" experience where they connect, enter a userid & password and they're in.

0 Kudos
In response to DennisS
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Aug 24 2023 3:26 PM
‎Aug 24 2023 3:26 PM

Take a look at Splash Access (a paid for third-party solution).

https://www.splashaccess.com/ 

 

If you have Office 365, users can onboard their own devices using those credentials.  Everything is cloud-based.

 

 

If you have Active Directory, you could also consider authenticating against that using Microsoft NPS (free).  It's like using ISE, but is included in Windows Server.

https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_... 

0 Kudos
In response to DennisS
Brash
Kind of a big deal
Kind of a big deal
‎Aug 24 2023 4:53 PM
‎Aug 24 2023 4:53 PM

AS @PhilipDAth wrote, if you're using MS Active Directory for employee identity management, NPS is fairly easy to get going and is free. It's not the most pretty or featureful but it does the job.

 

As for guests, it depends on the user experience and the process you want to implement. Are guests onboarded temporarily into AD? Does someone have to approve their access (Eg. Sponsored guest)? Or do you simply want a click through portal (in which case the Meraki basic splash, or a third party solution such as SplashAccess might help).

0 Kudos
In response to Brash
DennisS
Here to help
‎Aug 25 2023 2:24 AM
‎Aug 25 2023 2:24 AM

No, guests are simply provided pre-printed credentials for the captive portal which is more than adequate. The challenge is managing corporate user WIFI experience against compliance requirements, because of this, we'll likely continue using ISE.

0 Kudos
In response to DennisS
KarstenI
Kind of a big deal
Kind of a big deal
‎Aug 25 2023 1:10 AM
‎Aug 25 2023 1:10 AM

I would keep the ISE and do 802.1X with it instead of using NPS, as the NPS is a PITA.

Meraki Cloud Authentication, I think it is strong for BYOD, but today I try not to use it for corporate users.

Important is that you do Enterprise authentication for corporate access instead of Personal (with a Passphrase).

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.