802.1X Machine Authentication with Per Group VLANs with Meraki Wireless Access Points

The below is more of a supplement to the Meraki knowledge base articles as I thought (personally) they were lacking quite a bit with some important information – also a warning about using group policies in the Meraki dashboard.

The main articles to follow are:

Basically you have something like this:

networkpolicy-conditions networkpolicy-settings

The above attributes are required if you want to send the VLAN tag in the RADIUS response. See this article for more information.

NOTE: As of this post there exists an issue (and this issue has been in existence for about 6 months now – I have been struggling to find a solution to the horror in Windows that is seeing the wireless network in ‘limited connectivity’ mode) where Pairwise Master Key caching (PMK) fails to work properly and causes the VLAN policy tag to be lost during client re-association.

This issue only exists if you use VLAN assignment in the group policy section in the Meraki dashboard. If you use the above steps to send the VLAN tag as part of the RADIUS response then you will be fine.


VLAN Tagging Per Active Directory Group With Meraki Access Point

This will be a quick guide on configuring your Meraki Wireless Access Point to tag users in specific VLANs according to what AD group they are in.

In this example I will assume the following:

  1. You have a department called Sales (VLAN 10)
  2. You have a department called Technical (VLAN 20)
  3. These VLANs are already set-up
  4. You are using Windows Server RADIUS/NPS (Network Policy and Access Services) – if you have not configured a RADIUS server for the Meraki AP, watch this blog for an update in the near future as I will post a how-to for this)

Get a Free Cisco Meraki 802.1n Wireless Access Point

Cisco Meraki is a whole new game changer for sys admins – it adds a completely different perspective to ‘Cloud’ managed devices. I will be trialling out the Meraki suite of devices & services for my organisation and hopefully blog about it in the near future!

In the mean time, if you want to try out a Meraki WAP, see below!

IT professionals can receive a FREE Cisco Meraki access point (AP) with a 3-year cloud management license.

While Cisco Meraki webinars are open to all audiences and while APs may be offered at live events, to be eligible for a free AP, participants must:

Attend the live event or the live webinar in its entirety
Enter a valid company name
Be an IT professional
Register with a shipping address in the US, CA, UK or the rest of the EEA, Croatia, Switzerland, Australia, New Zealand, or Puerto Rico. We cannot ship free APs outside of these regions, and cannot ship to post office boxes.
European countries require a valid VAT ID for shipment
Register with their organization’s email address
Confirm eligibility and shipping address with a Cisco Meraki representative by phone
If you are unable to accept your AP due to restrictions, (e.g., Erate), we will be happy to provide you with a trial AP, which can be returned following your evaluation of our solution

As APs are provided as an educational tool to those new to the Cisco Meraki platform, individuals and organizations who have received a free access point through other promotions are not eligible. Limit one free AP per organization and per individual. Due to abuse, we cannot provide free access points to individuals who register with yahoo, gmail, hotmail, and other similar email addresses.


Browsing Network Shares on the PlayBook

So it’s been a day since OS2 was released for the PlayBook and all I can say is ‘AWESOME!!!’.
My PlayBook has become even more productive than ever before with the addition of the native e-mail, contacts and calendar applications which takes (true) multi-tasking to another level 😉

Today I will talk about how you can very quickly and easily access your network shares with your PlayBook using the FREE Ghost Commander file manager app.


Resolving PlayBook Wifi Issues

So I received my spanking new, beautiful PlayBook yesterday and after playing with it for a while, I noticed some really bad wi-fi drop-outs.
i.e., the wireless network would show as connected but nothing would work… the browser wouldn’t load, App World would complain and pings would fail. The only way you can get it to work again is to turn the wi-fi off and back on again.
The operating system I have had this issue on is the latest as of this post (