Capabilities overview
We can integrate Meraki MX with idemeum Cloud Radius infrastructure. When users connect to the company AnyConnect VPN, they can log in with Passwordless MFA instead of typing a username and password.
In this integration guide, we will be setting up idemeum Cloud Radius and connecting it with Meraki deployment. You can learn more about idemeum Cloud Radius service here.
Set up idemeum integration
Create Meraki AnyConnect application
- Navigate to idemeum admin portal
- Access
Applications
and then search forMeraki AnyConnect Radius
application - Click
Add app
- Enter the following information:
- Client IP - this is the IP address from which Radius requests will be originating. Typically this is the external IP address of your WAN interface.
- Advance Options - only applicable when you have multiple Radius applications configured for the same network. The public IP address for these Radius applications will be the same. Hence to differentiate between requests, you need to specify NAS IP addresses for each client.
💡
The shared secret is generated post saving the application. Click Edit of Meraki AnyConnect Radius app in the My applications tab to copy the Shared secret. You will later use it in the Meraki configuration. This secret allows your Meraki wireless gateway to authenticate using idemeum Cloud Radius infrastructure.
- Click
Save
to save the Meraki AnyConnect Radius application
Entitle the Meraki AnyConnect application
Before users can access applications you need to make sure you entitle applications to them. In idemeum admin portal navigate to the Entitlements section to assign applications to your employees.
Set up Meraki integration
- Navigate to your Meraki Admin Dashboard
- Choose
Security & SD-WAN
->Client VPN
- Choose
AnyConnect Settings
- Scroll down to
Authentication and Access
- Choose
Authentication
->Radius
- Click
Add a RADIUS server
Now you will need to use idemeum Cloud Radius IP address that you can check here.
idemeum Cloud Radius IP addresses
idemeum Cloud Radius IP addresses
- Enter the IP address of the idemeum Radius server into
Host
field - Port is
1812
- Enter
Secret
that you generated when configuring the Meraki application in idemeum. (Click Edit of Meraki AnyConnect Radius app in the My applications tab to copy the Shared secret)
- Click
Save
to apply configuration
User experience
Users will able to connect in the following way:
- Connect to the company VPN network
- The user will be prompted for a username and password. The user will type the email address and leave the password blank
- Users will receive an idemeum push notification to a mobile device.
- Once approved with biometrics user will be connected to the network.