Hi, A little background on what I'd like to do / planning to do. All of our users are now using laptops as their main workstation. I would like to implement a Wireless access to our local LAN to help our users work anywhere within the office. The main thing that's stopping me from this are 2 things: 1) Users sometimes bring their own device and connect their own phone or laptop to the Wireless LAN network (we're still using Password based authentication) 2) Regular changing of passwords is a pain since users tend to forget or ignore the announcement that the password will be changed on that date and we'll get angry calls that they can't connect to their meeting since the internet is broken (I've had a lot of cases of this). Due to this, I want to implement a MAC-based access control on my Wireless network. I want specified MAC addresses to be able to connect to certain SSIDs only to maintain the proper separation between groups. Laptop logon is via fingerprint anyway so we're sure we're getting authenticated users. Now on to the testing. I followed the steps outlined in these guides Configuring RADIUS Authentication with WPA2-Enterprise - Cisco Meraki Enabling MAC-based access control on an SSID - Cisco Meraki However I can't seem to get my test laptops to connect. Here's the current setup right now I have 3 laptops IT, CS and HR. I also have 3 separate SSIDs for each group. On my test.test domain, I have a Group_Laptop_Users where the usernames of the laptops are their mac addreses (and also their password) for testing purposes. NPS is configured to point to the Access Point. Passwords are the same. When I tried to connect the IT Laptop to the IT_WIFI it failed, as well as the 2 other laptops as well. Questions: 1) Is my scenario possible? I literally don't get how this MAC based authentication works since on the NPS I only associated the Group of laptops with their username and password as their mac. Is that it? That's the mac based authentication? 2) How do I separate the access for my Laptops, i.e. I only want HR users to access the HR WIFI. Should I create separate polices for each SSID that I create? Thanks for reading!
... View more