Logging in
Open a web browser and log in to your Meraki dashboard at https://dashboard.meraki.com
Access Control
Click Wireless > Access Control on the left menu. From the SSID dropdown, choose the one you wish to use, then configure with the below settings:
| SSID (name): | Guest WiFi (or whatever you wish) |
| SSID status: | Enabled |
| Security: | Open |
| Splash page: | Sign-on with my RADIUS server |
Under Advanced splash settings configure:
| Captive portal strength: | Block all access until sign-on is complete |
| Walled garden: | Enabled - please refer to this list |
| Simultaneous logins: | Allow |
| Controller disconnection behavior: | Default |
Under RADIUS click Add server and add:
| Host IP or FQDN: | *insert radius_server here* |
| Auth Port: | 1812 |
| Secret: | *insert radius_secret here* |
Click Add server again and add:
| Host IP or FQDN: | *insert radius_server2 here* |
| Auth Port: | 1812 |
| Secret: | *insert radius_secret here* |
Under RADIUS accounting servers click Add server and add:
| Host IP or FQDN: | *insert radius_server here* |
| Auth Port: | 1813 |
| Secret: | *insert radius_secret here* |
Click Add server again and add:
| Host IP or FQDN: | *insert radius_server2 here* |
| Auth Port: | 1813 |
| Secret: | *insert radius_secret here* |
| Accounting interim interval: | 4 minutes |
Under Advanced RADIUS settings (if present) configure:
| Called-Station-ID | 1 - AP MAC address (remove any others) |
| NAS ID | 1 - AP MAC address (remove any others) |
| Server timeout: | 5 seconds |
| Retry count: | 3 |
| Data-carrier detect: | Disable |
| Client IP and VLAN: | Meraki AP assigned (NAT) |
Click on Save Changes.
Splash Page
Click Wireless > Splash Page on the left and configure with:
| Custom splash URL: | *insert access_url here* |
| Where should users go after the splash page? |
A Different URL: *insert redirect_url here* |
Click Save changes.
Secure WiFi - PurpleConnex
Click Wireless > Access Control on the left menu. From the SSID dropdown, choose the one you wish to use, then configure with the below settings:
| SSID (name): | PurpleConnex |
| SSID status: | Enabled |
| Security: | Enterprise with my RADIUS server |
| Wi-Fi Personal Network (WPN): | Disbled |
| WPA encryption: | WPA2 only |
| Splash page: | None |
Under RADIUS servers click Add server and add:
| Host IP or FQDN: | rad1-secure.purple.ai |
| Auth Port: | 2083 |
| Secret: | radsec |
| RadSec: | Enabled |
Click Add server again and add:
| Host IP or FQDN: | rad2-secure.purple.ai |
| Auth Port: | 2083 |
| Secret: | radsec |
| RadSec: | Enabled |
Under RADIUS accounting servers click Add server and add:
| Host IP or FQDN: | rad1-secure.purple.ai |
| Auth Port: | 2083 |
| Secret: | radsec |
| RadSec: | Enabled |
Click Add server again and add:
| Host IP or FQDN: | rad2-secure.purple.ai |
| Auth Port: | 2083 |
| Secret: | radsec |
| RadSec: | Enabled |
| Accounting interim interval: | 4 minutes |
| RADSec TLS idle timeout: | 15 minutes |
| RADIUS testing: | Disabled |
| RADIUS CoA support: | Disabled |
| RADIUS proxy: | Enabled |
Under Advanced RADIUS settings configure:
| NAS ID | 1 - AP MAC address 2 - SSID name |
| Server timeout: | 5 seconds |
| Retry count: | 3 |
Click Save to save.
Hotspot 2.0 (Passpoint) Configuration
Click Wireless > Hotspot 2.0 on the left menu. From the SSID dropdown, choose your Secure SSID and configure with:
| Hotspot 2.0: | Enabled |
| Operator name: | PURPLE:GB |
| Venue Name: | (whatever you wish) |
| Venue type: | (whatever you wish) |
| Network type: | Free public network |
| Domain List: | securewifi.purple.ai |
| Roaming Consortium OIs: | 5A03BA0000 004096 |
| NAI Realms: |
click Create realm and configure:
click Add an EAP method and configure:
Click Save. |
Click Save Changes.
Configuration Complete
The configuration is now complete.
Free Guest WiFi
Purple App
SecurePass
Splash Access