Radius Whitelist

Solved
nmemmert
Here to help

Radius Whitelist

I am looking for a way to whitelist devices that don't play well with Radius. Like Chromecast's and other IOT devices. Does anyone know of a good way to do this, or some other way to get them to play nice?

1 Accepted Solution
mattia
Getting noticed

yes, hide the SSID to avoid user confusion with multiple SSID to choose from.

Screenshot 2019-05-30 at 14.08.02.pngScreenshot 2019-05-30 at 14.05.13.png

 

the SSID must have a protection for standard security, like WPA2 which is compatible with all modern devices.Screenshot 2019-05-30 at 14.05.00.png

 

Setup a splash screen with credentials (like Meraki authentication).

This avoids users with the WPA2 password from using this network without your authorisation, and for extra peace of mind.

Screenshot 2019-05-30 at 14.04.50.png

 

The devices that you want to connect to this dedicated SSID should be whitelisted via Network-Wide>Clients>Add Device to avoid the splash screen.

Screenshot 2019-05-30 at 14.11.57.png

hope this clarifies it better?

 

View solution in original post

4 Replies 4
mattia
Getting noticed

I've created a hidden SSID for these devices and Sonos speakers.

you can use a Login splash page as extra security to avoid someone sharing the pw and using this networks. just whitelist the mac addresses of your devices to avoid the login request

PhilipDAth
Kind of a big deal
Kind of a big deal

I do the same as @mattia .  These devices generally only need Internet access.

nmemmert
Here to help

I have had issues with Chromecasts and splash pages...you are saying to hide the ssid and use a PSK?

mattia
Getting noticed

yes, hide the SSID to avoid user confusion with multiple SSID to choose from.

Screenshot 2019-05-30 at 14.08.02.pngScreenshot 2019-05-30 at 14.05.13.png

 

the SSID must have a protection for standard security, like WPA2 which is compatible with all modern devices.Screenshot 2019-05-30 at 14.05.00.png

 

Setup a splash screen with credentials (like Meraki authentication).

This avoids users with the WPA2 password from using this network without your authorisation, and for extra peace of mind.

Screenshot 2019-05-30 at 14.04.50.png

 

The devices that you want to connect to this dedicated SSID should be whitelisted via Network-Wide>Clients>Add Device to avoid the splash screen.

Screenshot 2019-05-30 at 14.11.57.png

hope this clarifies it better?

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels