Cisco Meraki Z1

 

This guide will walk you through the process of setting up your Cisco Meraki hardware to work with Turnstyle. This operation is done entirely on the Meraki dashboard so all you'll need is your Meraki hardware!

Analytics & CMX 

1. Enter your Meraki dashboard at meraki.cisco.com
2. Go to Network-wide -> General
3. Scroll down to 'Location and Scanning'

a. Send Validator key to your Turnstyle representative
b. Analytics = Analytics enabled
c. Scanning API = Scanning API enabled

4. Add a Post URL

a. Post URL = **From your Turnstyle representative**
b. Secret = **From your Turnstyle representative**
c. API Version = 2.0
d. Click Validate – if successful, a green message will appear

5. Data collection will begin within 24 hours


 

Captive Portal & Splash Page

1.Under Teleworker Gateway --> Configure, click the tab 'Addressing & VLANs'

  • Under Router, make sure VLANS are Enabled
  • Set up two VLANs as follows:
    • VLAN 20
      • Name: Default
      • Subnet 192.168.128.0/24
      • MX IP: 192.168.128.1
      • VLAND ID: 20
      • Group Policy: None
    • VLAN 10
      • Name: Local Lan
      • Subnet 192.168.129.0/24
      • MX IP: 192.168.129.1
      • VLAND ID: 10
      • Group Policy: None

  • This is not required, but for any ports you would like to make available for other hardware:
    • Select the ports you'd like to make available
    • Click Edit
    • Assign to VLAN 10

  • Save

 

2. Under the header ‘Configure’ click the tab ‘Wireless Setting’

3. Ensure under the SSID:

  • Status is enabled
  • SSID is named
  • VLAN for free guest wifi is set to 20
  • Security is open
  • Visibility is set to 'Advertise this SSID Publicly
  • To enable a second staff SSID:
    • Status is enabled
    • SSID is named
    • VLAN for staff wifi is set to 10
    • Security is WPA2 PSK
    • WPA Key is the wifi password you'd like to use
  • Save changes

 

4. Under the header ‘Configure’ click the tab ‘Access Control’.  

5.  For VLAN 20, In the section 'Splash page', select the option 'Sign-on with' and choose my RADIUS server.

Below in the section ‘RADIUS for splash page’ click ‘Add a server’ and add the following two RADIUS servers:

RADIUS 1

  • Host: 52.20.198.151
  • Port 1812
  • Secret: *Contact support@getturnstyle.com*   

RADIUS 2

  • Host: 52.22.120.222
  • Port: 1812
  • Secret: *Contact support@getturnstyle.com*   

6. Enable Walled Garden

Add the following list of URLs to the white list

*.getturnstyle.com
s3.amazonaws.com
*.nr-data.net
*.newrelic.com
*.bootstrapcdn.com
*.akamaihd.net
*.fbcdn.net
*.facebook.com
connect.facebook.net
*.twitter.com
*.twimg.com
*.linkedin.com
*.licdn.com

Note: Some customers may receive an error at this stage indicating that only IP ranges are accepted. If this is the case contact Meraki and request for domain based Whitelists to be enabled.

Note 2: The above walled garden does not support Google+ as an authentication method.  For full details please see here.

 

7. Set the Controller disconnection behavior to 'restricted'

Click 'Save Changes'.

 

8. Under Access Control, for VLAN 10, set Splash Page to None.

 

8. Select ‘Teleworker gateway’ > ‘Splash page’

9. In the section ‘Custom splash URL’, select ‘Or provide a URL where users will be redirected:’, and enter http://wifi.getturnstyle.com

 

Click 'Save Changes'.

Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments