The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About ether
ether

ether

Here to help

Member since Aug 20, 2019

‎03-17-2020
Kudos from
User Count
Teach
Teach
1
jem_isa
jem_isa
1
MarcoKoch
MarcoKoch
1
Mr-E
Mr-E
1
ryansabol
ryansabol
1
View All
Kudos given to
User Count
NolanHerring
NolanHerring
1
jrhop
jrhop
1
cmr
Kind of a big deal cmr
1
Ted_Dasher
Ted_Dasher
1
View All

Community Record

5
Posts
10
Kudos
0
Solutions

Badges

First 5 Posts
First 10 Kudos
Lift-Off View All
Latest Contributions by ether
  • Topics ether has Participated In
  • Latest Contributions by ether

Re: MR 26.7 Firmware

by ether in Wireless LAN
‎03-04-2020 03:28 PM
‎03-04-2020 03:28 PM
Anyone else have feedback on this firmware? I'm considering jumping from 25.13 to 26.7. We have about 5 MR32 APs and 65 MR33 APs. ... View more

Re: Meraki SSO/SAML is Severely Limited, Hasn't Improved in years.

by ether in Dashboard & Administration
‎01-30-2020 10:16 AM
1 Kudo
‎01-30-2020 10:16 AM
1 Kudo
Hi Philip,   Thanks for your responses.   >-Can't login to Client VPN with the same email as an SSO user   I am using a MacBook with the Client VPN. Its pretty disappointing that I have to use a dummy email account and not the one I use to login to Meraki with if I want to use the Client VPN.   >-No SSO login for the Mobile app   Definitely a bummer, its been almost 2 years since we requested SSO/SAML login via the Mobile app and it still isnt a feature.   >-No ability to login with more than one SSO admin role via the Okta integration   Okta support has told me that this is a limitation on Meraki's side, not on Okta's side.   >-No list of SAML users in the Administrator page?   I administer many online apps/services that use SSO/SAML to login and pretty much every service I use has a list of users and permissions. Not sure why Its any different on Meraki's interface.   ... View more

Meraki SSO/SAML is Severely Limited, Hasn't Improved in years.

by ether in Dashboard & Administration
‎01-28-2020 11:17 AM
4 Kudos
‎01-28-2020 11:17 AM
4 Kudos
It seems like the Meraki SSO/SAML integration has been half baked since it was introduced. SSO/SAML is supposed to simplify things, but having it enabled is causing more work than without it.   These are a few issues that I have noticed so far in with SSO/SAML enabled and found multiple threads all the way back from 2017 mentioning these issues. It doesn't look like the SSO/SAML integration has improved since.   -Can't login to Client VPN with the same email as an SSO user -No SSO login for the Mobile app -No ability to login with more than one SSO admin role via the Okta integration -No list of SAML users in the Administrator page   This is a shame as I was excited to introduce SSO/SAML login for our Meraki users, but will need to roll back and remove SSO/SAML due to these limitations.   Client VPN users cant use the same email account as their SSO/SAML email account to use VPN.  When I enabled SSO, I had to remove all of the admins that had username/password logins, this also removed their Client VPN profiles. Now I am being told by Meraki support that SSO/SAML users cant use the Client VPN with the same SSO/SAML email accounts. So we essentially need to create dummy email accounts for VPN access? That seems a bit silly. From Meraki Support: " You will need to use a different username/email and password for client VPN. You cannot use the SAML username/email for client VPN since the SAML account should be unique. This is why when you add the SAML username/email to the client VPN it gets deleted from the list."   Okta integration only allows a single role to log in, so essentially any user that has been assigned to the Meraki Dashboards SAML app will log in as an administrator with no way of determining which user receives which role. Instead of working like most integrations where you can determine what role a user receives, the Meraki Okta integration only allows logging into one specific role. If you want to add additional roles, you need to create another instance of the integration with a brand new certificate, this makes having the integration pointless.   A Senior Technical Engineer from Okta responded in 2017 to this limitation/issue " Only one SAML administrator role can be sent through the OIN app as it's currently configured. I actually brought this up to Meraki support just last week and I believe it has been relayed to their apps team for review."   Meraki Mobile app doesn't have SSO/SAML login option. Our team opened a ticket about this in October 2018, SSO/SAML login via the mobile app is still not an option. "The Meraki mobile app on both Android and iOS does not support SAML/SSO, making it effectively unusable in our environment because our operators need access to it. In addition, if you are a user enabled for SAML, you can't also authenticate via username/password, which would at least allow us to use SAML on the web, and only a username/password in the mobile app. However, it would be preferable if the mobile app just supported SAML too."   You cant see a list of the SSO/SAML users in the administrator dashboard, it just shows the roles. You can see the different SAML Administrator roles and see who logged in via SAML on the SAML Login History button, but there is no list of SAML users like there is for normal username/password users.    It's a shame that Meraki hasn't made improvements on the SSO/SAML end. I was really looking forward to enabling it for our users. ... View more

Re: SSO On Mobile App

by ether in Dashboard & Administration
‎01-21-2020 02:29 PM
5 Kudos
‎01-21-2020 02:29 PM
5 Kudos
Any idea if this is going to be implemented in the near future? ... View more

Re: How to cable MX & MS for HA

by ether in Security / SD-WAN
‎08-20-2019 10:52 AM
‎08-20-2019 10:52 AM
Hi all,   I am in the process of adding a second MX as a hot spare and need guidance in regards to the setup of the second MX. I am trying to follow the Meraki documentation for HA Switch Stack setup.   Our setup consists of: -2x MX250 (Primary is active, the warm spare has not been installed yet) -7x MS225 (stack 1) -8x MS225 (stack 2)   Currently, the primary MX is connected to WAN1, WAN2 and directly to one of our MS switches in Stack 1 via the SFP port. Is this the recommended setup for redundancy? Or should the Primary MX be connected to every switch in stack one (so 7 total connections from the MX -> MS stack 1)? What about stack 2?   When I add the second MX to the equation, do I just hook it up to the same single switch in stack 1 that the primary MX is connected to? Or is it recommended to hook it up to all 7 switches in stack 1?   Thanks ... View more
Kudos from
User Count
Teach
Teach
1
jem_isa
jem_isa
1
MarcoKoch
MarcoKoch
1
Mr-E
Mr-E
1
ryansabol
ryansabol
1
View All
Kudos given to
User Count
NolanHerring
NolanHerring
1
jrhop
jrhop
1
cmr
Kind of a big deal cmr
1
Ted_Dasher
Ted_Dasher
1
View All
My Top Kudoed Posts
Subject Kudos Views

Re: SSO On Mobile App

Dashboard & Administration
5 1343

Meraki SSO/SAML is Severely Limited, Hasn't Improved in years.

Dashboard & Administration
4 2057

Re: Meraki SSO/SAML is Severely Limited, Hasn't Improved in years.

Dashboard & Administration
1 2007
View All
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Privacy Settings
  • Terms of Use
© 2021 Meraki