Meraki

Community

Wireless network with splash page / AD authentication

Solved
Silas1066
Getting noticed
‎Feb 13 2018 7:58 AM
‎Feb 13 2018 7:58 AM

Wireless network with splash page / AD authentication

I see in the documentation that a MR33 wireless AP can use AD authentication and a "splash-page" sign on option.

 

Does this require that a certificate be installed on the Meraki AP? One that is valid on a public / commercial level, so that it doesn't throw up errors when users see it? Or is that not an issue?

 

0 Kudos
1 Accepted Solution
In response to Silas1066
Chris_M
Getting noticed
‎Feb 13 2018 9:12 AM
‎Feb 13 2018 9:12 AM

The web page comes from the cloud and should not throw a certificate error The certificate you install on your AD is to validate itself against the AP, when doing logins, not for serving web pages.


Find my post helpful? Please give me a kudo!
CCNP Certified and Meraki Operator

View solution in original post

5 Replies 5
Adam
Kind of a big deal
‎Feb 13 2018 8:05 AM
‎Feb 13 2018 8:05 AM

By AD Authentication do you mean 802.1x Radius?  If so then it does look like you could have that selected for Network Access section and the spash 'Click-Through' is served by the Meraki servers so no certificate needed.  Capture.PNG

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
0 Kudos
In response to Adam
Silas1066
Getting noticed
‎Feb 13 2018 8:52 AM
‎Feb 13 2018 8:52 AM

Actually, I was think of this

 

https://documentation.meraki.com/MR/Splash_Page/Integrating_Active_Directory_with_Sign-On_Splash_Pag...

 

unless that requires the MX appliance

0 Kudos
Chris_M
Getting noticed
‎Feb 13 2018 8:53 AM
‎Feb 13 2018 8:53 AM

You can do this in a few different ways. You can do 802.1x which can be implemented using AD.

 

Or, you can use splash page sign on with AD authentication. You will need to have a certificate on your server so the AP can validate against it when logging users on. The certificate can be self-signed but it is not recommended.


Find my post helpful? Please give me a kudo!
CCNP Certified and Meraki Operator
0 Kudos
In response to Chris_M
Silas1066
Getting noticed
‎Feb 13 2018 9:10 AM
‎Feb 13 2018 9:10 AM

The AD server will have a certificate (self-signed), but I was wondering about the page that actually gets served up to the wireless clients.

 

That comes from the Meraki AP correct? I just wanted to make sure they didn't get certificate warnings/errors from it

0 Kudos
In response to Silas1066
Chris_M
Getting noticed
‎Feb 13 2018 9:12 AM
‎Feb 13 2018 9:12 AM

The web page comes from the cloud and should not throw a certificate error The certificate you install on your AD is to validate itself against the AP, when doing logins, not for serving web pages.


Find my post helpful? Please give me a kudo!
CCNP Certified and Meraki Operator
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.