This article details steps to import your Meraki networks into Cloudi-Fi and enable splash page directly in your Meraki MR/MX.
Meraki API enablement,
Use Cloudi-Fi wizard to import any existing Meraki network,
Configure Meraki SSID and Splash page manually (optional)
1) Enable API access to Meraki portal
Go to Meraki administration page, go to Organization > Settings Menu,
Tick the box « Enable access to the Cisco Meraki Dashboard API and save changes.
2) Generate the API Key
Edit your profile and scroll down to the « API access » section.
Click on Generate a new API key and save it on your workstation.
Tick the box to confirm that you saved the key and click on Done.
3) Import the API key In Cloudi-Fi portal
Go to Cloudi-Fi administration UI > Settings > Company Profile > Select "Meraki" in the drop-down menu in Advanced Section
( 1 ) Select Meraki as Authentication method
( 2 ) Splash page URL to be configured on the Meraki portal
( 3 ) Paste the API key generated on the Meraki portal
( 4 ) Select which type of Meraki device is imported in Cloudi-Fi
( 5 ) Save your settings
4) Run the wizard to configure your Cloudi-Fi locations
The wizard is used to automatically import Meraki networks. They will be available as Cloudi-Fi locations.
Click on « Run Meraki Wizard now »
Verify informations and click on Next
The wizard will directly retrieve networks and devices details from Meraki.
A list of new and updated devices is shown. For each network, you can create, update or ignore with the orange box on the right.
Do not forget to click on Apply to proceed.
On the last page, you have the status of the import
5) Verify Cloudi-Fi locations creation
Verify that Meraki networks are successfully imported as Cloudi-Fi locations in the LOCATIONS menu :
If you edit the location, you can see that the Wizard has automatically imported the MAC-addresses of the Meraki devices. This parameter is used to identify the location.
6) Create the Guest SSID
Note that menus are differents between MR and MX devices
For MX devices, go to Security & SD-WAN > Wireless settings
Enable an available SSID, fill a name and choose Security : Open
For MR devices, go to Wireless > SSIDs
Enable an available SSID, fill a name and save changes.
Then go to Wireless > Acces control and select "Open (no encryption)" in Association requirements
And select "Click-through" method for the Splash page
You also have to authorize unauthenticated users to access to "cloudi-fi.net" domain in order to allow them to access to the Cloudi-Fi captive portal.
For MX devices, go to Security & SD-WAN > Access control
For MR devices, go to Wireless > Access control
In the Walled garden ranges, add *.cloudi-fi.net
Depending the authentification methods you have enabled on your captive portal, you may have to add additional domains in the Walled garden ranges.
Cloudi-Fi support will provide you the needed extra domains.
For MR and MX: Configure how WiFi clients will retrieve an IP:
This settings depends of your network architecture, for instance if you already have a DHCP server and dedicated DHCP range for Guest users.
For an easy deployement, we recommand to use the "NAT mode" option.
The Access-Point will act as DHCP server and all WiFi client will be see outside of the wireless network with the Access Point LAN IP.
7) Configure the Splash page in Meraki administration
On the Meraki Portal,
For MX devices, go to Security & SD-WAN > Splash page
For MR devices, go to Wireless > Splash page
Choose to use a Custom splash URL and fill the Cloudi-Fi URL
8) Prevent Guest users to access your internals networks
Go to Wireless > Firewall & Traffic Shaping > Select your SSID
And modify the existing rule in order to deny Guest users to access private IP ranges.