Unable to Get a List of Organizations in Solarwinds Orion

SOLVED
PatrickBB
Getting noticed

Unable to Get a List of Organizations in Solarwinds Orion

I saw that there was another post earlier this year for this same issue without a resolution. 

 

https://community.meraki.com/t5/Dashboard-Administration/Meraki-Dashboard-Integration-with-enterpris...

 

We spun up an Orion server in AWS.  

 

I have followed the following instructions for monitoring Meraki APs in Orion.

 

https://documentation.solarwinds.com/en/success_center/NPM/content/npm-monitor-meraki-devices.htm

 

I see in both the Firewall information that API requests go to api.meraki.com.  However, when selecting "Meraki Wireless:API" in Orion, it defaults the Polling Hostname to dashboard.meraki.com and it is greyed out.  The hostname cannot be change to api.merkai.com.

 

PatrickBB_0-1608235787057.png

 

When I add the API key, I get an error message that it "Failed to get a list of organizations".  To rule out an issue with the API key, I revoked the previous key and generated a new one.  Both did the same thing.

 

PatrickBB_1-1608235943653.png

 

From the same host that is running Orion in AWS, they have brought up a web browser and are able to get to dashboard.merkai.com.  I don't believe that 443 outbound from the AWS host is being blocked.

 

I also looked at Solarwinds support pages.  For older versions of Orion (12.1 and 12.2) they noted issues with TLS versions.  We are running a 2020.x version.  Their other note was setting up Orion to use TLS v1.0, but it looks like Meraki does not support TLS v1.0 since 2018.  

 

https://support.solarwinds.com/SuccessCenter/s/article/Meraki-monitoring-Failed-to-get-list-of-organ...

 

Has anyone ran into this issue and found a solution?  I am going to go back to my AWS team and see if there is an access policy there that may be blocking this.

1 ACCEPTED SOLUTION

I opened a case with Meraki TAC. 

 

We have multiple orgs, but only 1 org contains the access points. The other org is legacy from an acquisition.

 

I had assumed that the only place that the "Login IP ranges" needed to have the external AWS IP address was the org that contained the APs.  After adding that same AWS IP to the other org, Orion was able to pull the list of orgs to where I could select the one that had the APs.

 

The solution is to ensure that the public IP Address from Orion is entered into the Login IP ranges in all orgs if one has multiple orgs.

View solution in original post

3 REPLIES 3
PatrickBB
Getting noticed

Here is some additional information.  We ran the external connectivity test from Orion and to shows that https://dashboard.meraki.com is reachable.

 

PatrickBB_0-1608243779610.png

 

Are you able to capture details of the API call that Orion is making towards the Dashboard?

Have you been able to verify that the API key(s) you've tried are working, outside of Orion - perhaps by using Postman?   If you are to do both of these, try using the call Orion is making, within Postman? 

I opened a case with Meraki TAC. 

 

We have multiple orgs, but only 1 org contains the access points. The other org is legacy from an acquisition.

 

I had assumed that the only place that the "Login IP ranges" needed to have the external AWS IP address was the org that contained the APs.  After adding that same AWS IP to the other org, Orion was able to pull the list of orgs to where I could select the one that had the APs.

 

The solution is to ensure that the public IP Address from Orion is entered into the Login IP ranges in all orgs if one has multiple orgs.

Get notified when there are additional replies to this discussion.