Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2908
Views
2
Helpful
2
Replies

Meraki Cloud Auth - Max Users & Protocols Supported

Go to solution
flyingframes
Level 3
Level 3

‎12-06-2023 01:41 PM

There is a username password based authentication using Meraki cloud as explained below:

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Managing_User_Accounts_using_Meraki_Cloud_Authentication

https://documentation.meraki.com/MR/Encryption_and_Authentication/Cloud_Hosted_Meraki_Authentication

1. Does it need the client to be configured for PEAP-MSCHAPv2?

2. If yes, will the meraki cloud server certificate be trusted by the client?

3. What is the maximum limit of users that can be created in Meraki dashboard for authentication?

4. Does the cloud auth integrate with any external identity provider? e.g. Azure AD, Okta etc?

5. Will it support certificate based auth e.g. EAP-TLS?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
aleabrahao
Meraki Community All-Star
Meraki Community All-Star

‎12-07-2023 03:07 AM

Yes, the Meraki cloud authentication uses a username-password based system, which is typically configured with PEAP-MSCHAPv2.

The Meraki cloud server's certificate should be trusted by the client for the authentication process to work correctly. However, certain client devices might get a prompt to trust or ignore validation for the Cisco Meraki certificate they get when connecting to an SSID.

The Meraki Dashboard does not explicitly state a maximum limit for the number of users that can be created for authentication. It's important to note that for each SSID, there's a design limit of 128 clients per radio built into the APs (But I really don't recommend connecting more than 30 clients per radio).

The Meraki cloud authentication can integrate with external identity providers through RADIUS or SAML. For example, it can be configured with Azure AD using SAML.

Yes, the Meraki cloud supports certificate-based authentication such as EAP-TLS. This can be easily deployed to iOS, Android, OS X, and Windows clients using the Systems Manager.

https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/Configuring_SAML_SSO_with_Azure_AD

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Configuring_EAP-TLS_Wireless_Authentication_with_Systems_Manager_Sentry_Wifi

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

2 Replies 2

Go to solution
aleabrahao
Meraki Community All-Star
Meraki Community All-Star

‎12-07-2023 03:07 AM

Yes, the Meraki cloud authentication uses a username-password based system, which is typically configured with PEAP-MSCHAPv2.

The Meraki cloud server's certificate should be trusted by the client for the authentication process to work correctly. However, certain client devices might get a prompt to trust or ignore validation for the Cisco Meraki certificate they get when connecting to an SSID.

The Meraki Dashboard does not explicitly state a maximum limit for the number of users that can be created for authentication. It's important to note that for each SSID, there's a design limit of 128 clients per radio built into the APs (But I really don't recommend connecting more than 30 clients per radio).

The Meraki cloud authentication can integrate with external identity providers through RADIUS or SAML. For example, it can be configured with Azure AD using SAML.

Yes, the Meraki cloud supports certificate-based authentication such as EAP-TLS. This can be easily deployed to iOS, Android, OS X, and Windows clients using the Systems Manager.

https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/Configuring_SAML_SSO_with_Azure_AD

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Configuring_EAP-TLS_Wireless_Authentication_with_Systems_Manager_Sentry_Wifi

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card