Radius VLAN push and override and policy attribution

Bob-AleziaTech
Conversationalist

Radius VLAN push and override and policy attribution

Thought i'd share this with the community.

In a recent case with Meraki to implement automatic vlan tagging by user login with splash page and radius authentification.

This configuration did not function and help documentation implied that you have absolutely have to use WPA2 TLS (a bit complicated for users in our environments) wich is not true entirely... We asked for this feature and they adjusted the recent firmware and backend to take into account the attributes sent by radius even with splash page authentification and it works now.

Have to upgrade to latest beta versions.

There is no added feature to set in the dashboard, when radius send the attributes (Filter-ID and/or Tunnel-Private-Group-ID) the client policy is dynamicaly changed to custom with the vlan and policy in the ssid connected from.

Be glad to give more insight if needed 🙂

2 Replies 2
Bigghend
New here

I would like more attributes in my environment my users would have the same issues and my plan is to roll something of that nature out in the fall 

grepaly
Here to help

Hi, I would be very happy if you could share some more details. I tried sending VLAN attribute with EAP, that worked. However with the splash page + Radius, no matter whether I try simply the VLAN number in Tunnel-Private-Group-Id or the group policy name in Filter-ID, none of them works. Any idea what could I be missing?

 

A.

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels