Hello Meraki Community,
We have been using Sponsored Guest login for quite few weeks and it's pretty cool feature. Received a good feedback from users on the ease of requesting Access. Besides all these I have noticed 2 issues -
1. No reporting available. It would be nice if we could see the user's name on the "Clients" page. Also get full details of the requester (name and email) in the approval email.
2. I noticed that - If I am a returning user and presented the same name and email address, I am not being presented with a page where we put in approver's email address. I am getting full WIFI access without approval. Admin has no idea that the user is on the network, since there is no approval email. The scary thing is when I check on the client details, it says approved by xxx (since approved by xxx the last time) even though there is no approval.I see this as some security issue (What if the user is terminated | What if the user has to be kept out)
Have anybody seen this behavior ? Is this normal or is there a way to change this ? What i would like to see is - even though they are returning users, an approver will have to approve their request to gain access to network.
Thanks
Solved! Go to solution.
Hi everyone,
1. The user field is solely for the user ID info pulled from AD when active directory integration is present. The other visibility things mentioned here are good points and ripe for a feature request (make a wish) (-:
2. It is expected behavior that the user can reconnect with the same "credentials" on the splash page within the time duration allotted without another email being sent to the admin. One can imagine the situations where that would be useful.
2.5. If the user can reconnect with the same "credentials" outside of the sponsorship duration, without an auth email being sent to admin, please open a support case. This is not expected behavior.
You can reference the below article for point #2:
https://documentation.meraki.com/MR/Encryption_and_Authentication/Sponsored_Guest
For 1, if you add the "user" column to the page that doesn't show the username?
For 2, are you saying the setting for duration is not working?
If that's the case it sounds like a bug.
Dsilva thank you for your response. Hopefully I make clear this time.
Here is what happens when user wants to connect to wifi -
Since there is no username involved in the authentication method the "user" field you mentioned has no information in it.
For #2 -
I'm with @jdsilva . That sounds like a bug. That is specifically what the sponsorship duration is there for.
Hi everyone,
1. The user field is solely for the user ID info pulled from AD when active directory integration is present. The other visibility things mentioned here are good points and ripe for a feature request (make a wish) (-:
2. It is expected behavior that the user can reconnect with the same "credentials" on the splash page within the time duration allotted without another email being sent to the admin. One can imagine the situations where that would be useful.
2.5. If the user can reconnect with the same "credentials" outside of the sponsorship duration, without an auth email being sent to admin, please open a support case. This is not expected behavior.
You can reference the below article for point #2:
https://documentation.meraki.com/MR/Encryption_and_Authentication/Sponsored_Guest
Sorry..late to reply on this but want to give update on this.
Thanks everyone for giving your inputs. @Shane3 you are right on point#2.5, that's exactly what was happening. However the problem got resolved on it's own. Don't know how.