You can configure policies on individual SSIDs by going to Wireless > Configure > SSIDs.
Click Edit settings under the specific SSID.
Choose Enabled: assign group policies automatically by device type under Assign group policies by device type.
Click Add group policy for a device type.
Choose a device type (iPhone in this example).
Choose a built in policies (blocked in this example) under Group policy.
Choose Block all access until sign-on is complete under Captive portal strength.
Choose Block adult content under Content filtering.
You'll see this response page when your device category is blocked (such as a BYOD policy). You can customize the message error displayed such as Blocked by Meraki Cloud Policy. This can be configured under Network-wide > Configure > General > Default block message.
You'll see this error when adult content block policy is enforced.
I've used inSSIDer running on my PC to verify the SSID is only using the 5 GHz band. You'll notice the 2.4 GHz band is populated with wireless SSIDs (which is a common scenario) compared to the 5 GHz band.
Choose Meraki
authentication under Network access
> WPA2-Enterprise with and Click-through
under Splash page. This will use the local Users
created on the Meraki dashboard. The Authenticated
Users will appear and you can click on the Users page hyperlink.
When you click on the Users
hyperlink, it will redirect you to User Management portal. Click Add new user to create Meraki 802.1X user
accounts. You can optionally choose Generate
to auto-generate a password, email the login info to the user’s email address
and set expiration time on the account.
Choose Enabled: assign group policies automatically by device type under Assign group policies by device type.
Click Add group policy for a device type.
Choose a device type (iPhone in this example).
Choose a built in policies (blocked in this example) under Group policy.
Choose Block all access until sign-on is complete under Captive portal strength.
Choose Allow users to
create accounts under Self-registration. Choose Limit users to one device at a time under Simultaneous logins.
Choose Block adult content under Content filtering.
Choose 5 GHz band only under Wireless options > Band
selection.
Click Save Changes at
the bottom of the screen. I've used my iPhone to test the SSID Meraki (local) authentication policy. I entered the username/password and accepted the Meraki CA certificate.
To verify go to Network-wide > Event log. Notice under Event type, the 802.1X EAP authentication was successful.
You'll see this error when adult content block policy is enforced.
I've used inSSIDer running on my PC to verify the SSID is only using the 5 GHz band. You'll notice the 2.4 GHz band is populated with wireless SSIDs (which is a common scenario) compared to the 5 GHz band.
No comments:
Post a Comment