Showing results for 
Search instead for 
Did you mean: 

How to Configure Central Web Auth with Meraki Wireless and ISE

Cisco Employee

Video Length: 6 minutes


Recently, Meraki announced support for RADIUS CoA and URL-Redirect support for the MR platforms.  This short video presentation describes Central Web Auth, shows configuration steps for both products, and finishes with a quick demonstration.  If you are interested in gaining access to these new Meraki features, reach out to your Meraki SE or the Meraki support team to have your network provisioned for the open beta.

Demo Components

  • Meraki MR Access point (in open beta)
  • ISE version 2.0
  • Apple iPhone






I tried going through these steps with the use of the meraki/ISE integrated guide. However, whenever users try to access the SSID both for mobile and PC, the redirection is not happening and rejects the request. From the ISE live logs it sees the device attempting to log in but not getting any IP, when I called Meraki they said ISE is rejecting the association. How do I proceed?


Can you share additional details? Do you see the correct result returned by ISE? Maybe share the authc details from the livelog and configuration screenshot for the ssid from the Meraki Dashboard?


Here it is




I think you may have your authentication policy misconfigured in ISE. Do you have If user not found Continue in the Meraki Policy -> Wireless MAB configuration as the attached screenshot shows?


I am seeing hits on the Authentication policy for Wireless_MAB itself.


Yes, you are hitting that policy and it’s rejecting the endpoint. Did you try the change I suggested?


Thanks George that worked, it started redirecting however for some weird reason its not redirecting with iphones and just iphones devices. everything else is fine. Currently on a 3-way call with Meraki and Cisco TAC but so far no luck


Probably vide a little more detail about your iphone redirection problem if you can (if it’s not resolved). If it is resolved, share what you learned with the community if you can.

Warning: I either dictated this to my device, or typed it with my thumbs. Erroneous words are a feature, not a typo.


After being placed on hold by meraki support for 2 hours, they just came back to me to advise that whenever iphones associate with the guest SSID to browse to a http and not a https website to redirect them to the AUP. It worked as a work around.

Though after a few days for some reason the guest SSID stopped working again. Users are now getting the sucess login splash page but couldn't browse out the internet.