Bienvenido a Soporte Purple

Cisco Meraki AP / MX / Z1

  • Actualización

Logging in

Open a web browser and log in to your Meraki dashboard at https://dashboard.meraki.com

Access Control

Click Wireless > Access Control on the left menu. From the SSID dropdown, choose the one you wish to use, then configure with the below settings:

SSID (name): Guest WiFi (or whatever you wish)
SSID status: Enabled
Security: Open
Splash page: Sign-on with my RADIUS server

Under Advanced splash settings configure:

Captive portal strength: Block all access until sign-on is complete
Walled garden: Enabled - please refer to this list
Simultaneous logins: Allow
Controller disconnection behavior: Default

Under RADIUS click Add server and add:

Host IP or FQDN: *insert radius_server here*
Auth Port: 1812
Secret: *insert radius_secret here*

Click Add server again and add:

Host IP or FQDN: *insert radius_server2 here*
Auth Port: 1812
Secret: *insert radius_secret here*

Under RADIUS accounting servers click Add server and add:

Host IP or FQDN: *insert radius_server here*
Auth Port: 1813
Secret: *insert radius_secret here*

Click Add server again and add:

Host IP or FQDN: *insert radius_server2 here*
Auth Port: 1813
Secret: *insert radius_secret here*
Accounting interim interval: 4 minutes

Under Advanced RADIUS settings (if present) configure:

Called-Station-ID 1 - AP MAC address (remove any others)
NAS ID 1 - AP MAC address (remove any others)
Server timeout: 5 seconds
Retry count: 3
Data-carrier detect: Disable
Client IP and VLAN: Meraki AP assigned (NAT)

Click on Save Changes.

Splash Page

Click Wireless > Splash Page on the left and configure with:

Custom splash URL: *insert access_url here*
Where should users go after the splash page?

A Different URL:

*insert redirect_url here*

Click Save changes.

 

To enable our SecurePass WiFi solution please complete the steps below. This enables a secure, seamless WiFi connection for repeat users.

Secure Access Control

Click Wireless > Access Control on the left menu. From the SSID dropdown, choose the one you wish to use, then configure with the below settings:

SSID (name): Secure Guest WiFi (or whatever you wish)
SSID status: Enabled
Security: Enterprise with my RADIUS server
Wi-Fi Personal Network (WPN): Disbled
WPA encryption: WAP2 only
Splash page: Click-through
Security Type: WPA2 Enterprise (802.1X)

Under Advanced splash settings configure:

Captive portal strength: Block all access until sign-on is complete
Walled garden: Enabled - please refer to this list
Controller disconnection behavior: Default

Under RADIUS servers click Add server and add:

Host IP or FQDN: rad1-secure.purple.ai
Auth Port: 2083
Secret: radsec
RadSec: Enabled

Click Add server again and add:

Host IP or FQDN: rad2-secure.purple.ai
Auth Port: 2083
Secret: radsec
RadSec: Enabled

Under RADIUS accounting servers click Add server and add:

Host IP or FQDN: rad1-secure.purple.ai
Auth Port: 2083
Secret: radsec
RadSec: Enabled

Click Add server again and add:

Host IP or FQDN: rad2-secure.purple.ai
Auth Port: 2083
Secret: radsec
RadSec: Enabled
Accounting interim interval: 4 minutes
RADSec TLS idle timeout: 15 minutes
RADIUS testing: Disabled
RADIUS CoA support: Disabled
RADIUS proxy: Enabled

Under Advanced RADIUS settings configure:

NAS ID 1 - AP MAC address (remove any others)
Server timeout: 5 seconds
Retry count: 3

Click Save to save.

Hotspot 2.0 (Passpoint) Configuration

Click Wireless > Hotspot 2.0 on the left menu. From the SSID dropdown, choose your Secure SSID and configure with:

SSID (name): Secure Guest WiFi (or whatever you wish)
SSID status: Enabled
Security: Enterprise with my RADIUS server
Wi-Fi Personal Network (WPN): Disbled
WPA encryption: WAP2 only
Splash page: None
Security Type: WPA2 Enterprise (802.1X)
Passpoint: Enabled
Operators: OpenRoaming-Settlement-Free
Venue Name: Your Venue Name

Under Advanced Settings configure with:

Hotspot 2.0: Enabled
Operator name: PURPLE:GB
Venue Name: (whatever you wish)
Venue type: (whatever you wish)
Network type: Free public network
Domain List: securewifi.purple.ai
Roaming Consortium OIs: 5A03BA0000
004096
NAI Realms:

click Create realm and configure:

  • Format: 0
  • Name: securewifi.purple.ai

click Add an EAP method and configure:

  • Method ID: 21 EAP-TTLS
  • Authentication Methods: PAP

Click Save.

Click Save Changes.

Secure Splash Page

Click Wireless > Splash Page on the left and configure with:

Custom splash URL: *insert access_url here*
Where should users go after the splash page?

A Different URL:

*insert redirect_url here*

Click Save changes.

Configuration Complete

The configuration is now complete.

Compartir en línea
¿Fue útil este artículo?
Usuarios a los que les pareció útil: 0 de 0