09-01-2016 06:55 AM - edited 07-05-2021 05:45 AM
Hi
As a company we are looking at getting Meraki
1/ I was thrown by the fact that Meraki, have their own switch models, are Meraki AP's compatible with any Cisco switch that supports POE ?
2/ I know the management traffic only goes via the Cisco cloud, so if I implemented them for a radius authentication model against AD, I should have any issues doing so, if I implement these ?
Many thanks
J
09-01-2016 07:56 AM
James,
The Meraki Aps will work with Cisco switches. Yes Meraki does support radius authentication, it even work with Cisco ISE..
I've tested the Meraki APs in the past, the cloud based setup is really easy, but in an enterprise environment I'm not a fan.. you can't go wrong with a Cisco Wireless LAN Controller and Cisco APs
I hope this helps
09-04-2016 11:04 AM
Just to add, I have Meraki aps on Cisco switches and Cisco AP's on Meraki switches. There was an issue with Meraki AP's not negotiating properly with 3850's, but I think that is fixed.
Since Meraki AP's are configured in a trunk port, you can use local radius if you want as the radius traffic will be sent on the management vlan.
-Scott
*** Please rate helpful posts ***
09-05-2016 02:11 AM
Hi Scott
Thanks for the response, so on my 2960x switches, If i configure the ports that the APs will be sitting on as trunks, and then under access control on the meraki box configured bridge mode and enabled vlan tagging, and then add my radius server PEAP MSCHAPv2, then on the windows server, I could set up the AP,s on the windows box, and then configure authentication via AD ?
09-05-2016 06:16 AM
The Meraki AP's will be connected to a trunk port and its best to place AP's in one subnet so that you can create one AAA client with the ip range. Then defining the SSID for radius and using an internal radius is all you need to do.
Here is a link to a doc that will help:
https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_with_WPA2-Enterprise
-Scott
*** Please rate helpful posts ***
09-05-2016 02:10 AM
Hi All
Thanks for the response, so on my 2960x switches, If i configure the ports that the APs will be sitting on as trunks, and then under access control on the meraki box configured bridge mode and enabled vlan tagging, and then add my radius server PEAP MSCHAPv2, then on the windows server, I could set up the AP,s on the windows box, and then configure authentication via AD ?
Thanks all
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide