Cisco Meraki is the leader in cloud controlled Wi-Fi, routing and security. Cisco Meraki provides devices and software to help businesses manage Wi-Fi network access for employees and guests.
Important note: The Cisco Meraki integration is compatible with both our Visitors and Workplace products. During the configuration steps below, be sure to only choose settings related to the Envoy product you are using.
Envoy Visitors + Cisco Meraki
The Envoy + Cisco Meraki app has the ability to provide workplace Visitors temporary Wi-Fi credentials when they are signed-in. Each time a visitor signs in to the workplace, unique credentials are generated and sent out via email or text.
Envoy Workplace (Employees) + Cisco Meraki
Envoy also provides the option to automatically sign-in employees once they connect to your Cisco Meraki powered Wi-Fi network. When an employee's device connects to the Wi-Fi network, Cisco Meraki will validate the device using 802.1x/RADIUS and obtain the username (email) of the employee. Cisco Meraki automatically sends this information to Envoy, and we sign the employee into the workplace!
Step 1: API Access
Navigate to Apps > All Apps.
Search for Cisco Meraki and install the App.
Log into the Cisco Meraki dashboard and navigate to Organization > Settings. Locate the section titled Dashboard API access and select Enable Access, then save your changes.
Either click the link to your profile in the description of "API Access," or navigate to My Profile profile by clicking your user profile name in the top-right corner of the Meraki Dashboard.
Navigate to the section titled API Access and click on "Generate new API key" if you have not generated one already. Copy this key and store in a safe place.
If you do not see a button labeled “Generate new API key” then the API quota may be full. We recommend using one that is already generated so long as you have it stored somewhere, or if necessary, you can "Revoke" one to generate another.
In Envoy, paste the Meraki API key.
Select your API Region if this is different from the default.
Step 2: Organization
Select which organization you would like to use with the Envoy + Meraki integration.
Select the Network you will be using for Access.
Envoy Visitors + Cisco Meraki Configuration
**Visitor Configuration is optional**
[Visitors SSID]: Select your desired SSID for Visitors from the dropdown.
[Access Duration]: Choose the length of time up to 24 hours for guest wi-fi access
[Optional]: Select Visitor types to block from receiving Wi-Fi credentials.
[Optional]: Send guest Wi-Fi credentials to hosts.
This is useful when visitors do not have easy access to email or text messages or if they are not required to enter their email address or phone number at sign in.
[Optional]: Select delete visitor credentials on sign-out from "User Management Portal" (Network-wide -> Users)
[Security and Splash Page Settings] Select your security and splash page settings
What is the visitor experience with the Envoy + Cisco Meraki app?
When a visitor signs in, they will receive an email or SMS with instructions on how to access your Wi-Fi.
When they follow the instructions in the email or SMS, they will be directed to the Wi-Fi network where they can use their credentials to gain access.
Envoy Workplace (Employees) + Cisco Meraki Configuration
This feature is still in Beta and may have limited availability. Please reach out to Envoy directly to see if this is available for your account.
Envoy will soon offer the option to automatically sign-in employees to the workplace when they connect to the your workplace's Cisco Meraki Wifi. You can enable this feature within the Employee Access section (Step 4) of the Cisco Meraki app installation within Envoy.
Option 1: Identity Authentication
With the Identity verification option, Cisco Meraki validates the device using 802.1x/RADIUS server, obtaining identity information (e.g. email) when the employee signs onto the company Wifi. After a Wifi connection is established, behind the scenes, Cisco Meraki sends the device's identity information and connection data to Envoy which signs the employee into the workplace.
Identity Authentication Configuration:
Please ensure your Meraki employee Wi-FI network is set to our specifications so we can successfully map Wi-Fi connections to Employees in the Envoy Employee Directory
After the requirements are met, navigate to the Employee Access section at the bottom of step 4 on the app installation.
Select Yes to "Auto sign in employees with Wifi connection data?"
Select the SSID that you would like to use to track employee sign-in.
Option 2 - Device Authentication
Envoy automatically sign-ins employees when their computer or registered device connects to the Cisco Meraki Wifi.
Device Authentication Configuration:
Select the "Device authentication with MAC address" option
Select the network (SSID) that employees sign into when they are at the workplace.
Upload a CSV that contains the email addresses of all employees and their associated device's MAC addresses. The email and mac address should be in two different columns.
Select the name of the column for email addresses.
Select the name of the column for MAC addresses.
Now, when the network detects the associated MAC address, the employee will be automatically signed into Envoy provided they have approved registration.
Cisco Meraki + Visitors FAQ
Options for Client IP and VLAN:
Meraki AP assigned (NAT mode)
(or) External DHCP server assigned
The default session timeout for passwords is configurable during creation. We expire the user when the visitor is signed out.
User creation for guest access is handled through Meraki Cloud Authentication