Meraki

Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Method to "bake" wi-fi password into an SSID?

JMY34
Getting noticed
‎Jul 10 2023 6:13 AM
‎Jul 10 2023 6:13 AM

Method to "bake" wi-fi password into an SSID?

Hi! I work at a small school system in the IT department and since it's summer, we're trying to re-tool some processes that there have been issues with. We use a Meraki network that connects all of our school locations, and among others, we have a student wi-fi and a teacher wi-fi connection. The teachers have been prone to writing their wi-fi connection password down on whiteboards and leaving it where students are getting access to it. Some admins are asking us to find a way to integrate the password/credentials right into the SSID. I was thinking of a rough idea where we could set the teacher SSID up with a splash page requiring a one-time login with their credentials, but I think I would need to know ALL their credentials in advance, which might be tricky. Can anyone recommend an alternate method that would work with a (hopeful) minimum of fuss? Thanks in advance.

0 Kudos
12 Replies 12
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jul 10 2023 6:23 AM
‎Jul 10 2023 6:23 AM

Take a look at this solution.

 

https://www.splashaccess.com/

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
KarstenI
Kind of a big deal
Kind of a big deal
‎Jul 10 2023 6:57 AM
‎Jul 10 2023 6:57 AM

Are the teacher PCs owned by the school? In this case, an easy solution for this problem would be to configure the WLAN-Settings of the PCs with an MDM like Meraki SM.

In response to KarstenI
JMY34
Getting noticed
‎Jul 10 2023 7:38 AM
‎Jul 10 2023 7:38 AM

They are! But most teachers have their laptops with them and trying to get them to come in to us before the school year starts would be pretty much impossible. We would have to get hands on all those devices, correct? Thanks.

0 Kudos
In response to JMY34
KarstenI
Kind of a big deal
Kind of a big deal
‎Jul 10 2023 7:51 AM
‎Jul 10 2023 7:51 AM

They could do the enrolment the PCs on their own after being authenticated to your directory. But they would need to cooperate.

0 Kudos
In response to KarstenI
JMY34
Getting noticed
‎Jul 10 2023 8:07 AM
‎Jul 10 2023 8:07 AM

That's something to think about. Thanks!

0 Kudos
UKDanJones
Building a reputation
‎Jul 10 2023 6:59 AM
‎Jul 10 2023 6:59 AM

You should also check out wiflex.eu - nicer than splashaccess in my opinion. 

Please feel free to hit that kudos button
In response to UKDanJones
JMY34
Getting noticed
‎Jul 10 2023 7:37 AM
‎Jul 10 2023 7:37 AM

Thanks!

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jul 10 2023 12:49 PM
‎Jul 10 2023 12:49 PM

Do you have Active Directory?  If so, you could authenticate WiFi against that.

 

Do you use AzureAD (Office 365)?  If so, you could use @alemabrahao idea, and authenticate against that. 

 

 

In short, I would find a way to authenticate WiFi against an already existing username/password database you have.

In response to PhilipDAth
JMY34
Getting noticed
‎Jul 10 2023 1:02 PM
‎Jul 10 2023 1:02 PM

We do use AzureAD. I would love to pursue that, but my director is telling me that not all Teacher laptops have been Azure joined, and the Teachers currently have them out in the wild. So asking/wanting all Teachers to come in for us to get our hands on those laptops would be extremely difficult.

0 Kudos
In response to JMY34
alemabrahao
Kind of a big deal
Kind of a big deal
‎Jul 10 2023 1:07 PM
‎Jul 10 2023 1:07 PM

How about sponsored guest access?

 

https://documentation.meraki.com/MR/Encryption_and_Authentication/Sponsored_Guest

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to JMY34
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jul 10 2023 1:08 PM
‎Jul 10 2023 1:08 PM

They don't need to be Azure AD joined for the Splash Access [education] system to work.  What happens is they log into a portal (once) using their Azure AD credentials, and then that portal lets them add their devices to the network.  It is intended to be a self-enrollment system.

https://www.splashaccess.com/portfolio/education/ 

0 Kudos
nerdocrat
Here to help
‎Jul 10 2023 2:33 PM
‎Jul 10 2023 2:33 PM

Are you using Meraki MRs? If so, would 802.1x via Meraki sentry wifi work? I have used this with Systems Manager tagging, so only tagged devices are allowed.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.