Hey all,
Looking for a solution for managing staff personal device on wifi/SSID(s) and restricting them on all the other SSID's in the system... (ie. directing them to specific SSID's once authenticated). We've learned over the years that no one will keep a password private... it gets handed out like candy so we changed over to this several years ago:
"Different policies by connection and SSID"
https://documentation.meraki.com/MX/Group_Policies_and_Blacklisting/Blocking_and_Whitelisting_Client...
It's becoming cumbersome. I maintain an Excel Doc and manually add clients (via their MAC address) into SSID's and block them from others. The reason it is cumbersome is that we have new hires and seasonal staff coming and going all year long and repeats. There is also one more layer of complexity - we use the "Different policies by connection and SSID" to for restricting a handful of devices on timed schedules (a group within a group).
I'm looking for something else. In essence, the SSID will be an elevated Guest Wifi idea without the daily "facebook check-ins" AND needs to restrict them from going back to Guest Wifi (and other known SSID's broadcasting). Once again, a solution with a password "only" will not work.
I'm guessing that a long time ago I latched on to the idea of "Different policies by connection and SSID" as the perfect solution and am not realizing there is an easier way to do the same thing another way?
Things we'd like to avoid: password, Radius Server, SM
Things we don't have: Radius Server
Things we do have: Meraki MX84; MS425, 320's 220's; MR's (obviously)