Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5904
Views
5
Helpful
3
Replies

MR Access Point Integration with FortiGate

Go to solution
DavideUrsino
Community Member

‎03-16-2020 03:22 AM

Good Morning to all,

I have a question reguarding authentication with Firewall FortiGate as Access Control,

I would like the FortiGate took over the role of "WiFi controller" and centralized all the client authorization,

Is it also possible to tag traffic from clients with VLANs created on Fortigate?

Thanks in advance for your reply

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Philip D'Ath
Meraki Community All-Star
Meraki Community All-Star

‎03-16-2020 11:10 AM

You can either use the Tunnel-Private-Group-ID attribute to dynamically specify the VLAN the wireless user should be placed into:

https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_with_WPA2-Enterprise#Supported_RADIUS_Attributes

Or you can create a Meraki group policies assigning whatever you want. Then use the Filter-Id attribute to specify which group policies to assign to whatever users you want.

https://documentation.meraki.com/MR/Group_Policies_and_Blacklisting/Using_RADIUS_Attributes_to_Apply_Group_Policies

View solution in original post

3 Replies 3

Go to solution
CMR
Meraki Community All-Star
Meraki Community All-Star

‎03-16-2020 03:35 AM

If the Fortigate can be a radius server then you can use it for wireless client authentication. You can't use it as a full wireless controller as the Meraki cloud is that.

If my answer solves your problem please click Accept as Solution so others can benefit from it.

Go to solution
DavideUrsino
Community Member
In response to CMR

‎03-16-2020 05:31 AM

Thx for the quick answer.
with the authentication by RADIUS server, the FortiGate will decide only the access but the security policies will be settings on the Meraki cloud or will those on the fortigate be applied?
0 Helpful

Go to solution
Philip D'Ath
Meraki Community All-Star
Meraki Community All-Star

‎03-16-2020 11:10 AM

You can either use the Tunnel-Private-Group-ID attribute to dynamically specify the VLAN the wireless user should be placed into:

https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_with_WPA2-Enterprise#Supported_RADIUS_Attributes

Or you can create a Meraki group policies assigning whatever you want. Then use the Filter-Id attribute to specify which group policies to assign to whatever users you want.

https://documentation.meraki.com/MR/Group_Policies_and_Blacklisting/Using_RADIUS_Attributes_to_Apply_Group_Policies

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card