Documentation Digest: November 14th - November 17th

JohnIngram
Meraki Employee
Meraki Employee

Documentation Digest: November 14th - November 17th

DocDigest_Banner.png

 

MS130R Datasheet

MS130R Series Installation Guide

Change: New articles.

Z4C Datasheet

Z4C Installation Guide

Change: New articles.

CW9163E Installation Guide

Change: New article.

Cisco+ Secure Connect - Remote Access

Change: Updated "Client IP address pools" prerequisites; added "Private and Public DNS queries will go over the VPN tunnel." to "Tunnel All DNS"; added "In case of fall back to public resolver the DNS query will bypass VPN tunnel" to "Split DNS".

Meraki MX ThousandEyes Configuration Guide

Change: Added section "Changing the Configuration of Free Tests / Impact on ThousandEyes Units"; added "Network Topologies and Deployment Considerations"; added additional step 5 to "Enabling ThousandEyes Monitoring on the MX Platform - For Advanced Security Licensing".

Meraki and ThousandEyes Integration Troubleshooting

Change: Added troubleshooting "Issue: After linking my accounts, I get assigned to an incorrect ThousandEyes Account".

Security and SD-WAN (MX,Z) Features Directory

Change: Added "WAN Health Enhancements" to MX 18.2.x Feature Directory.

Creating and Applying Group Policies

Change: Added note that iPSK group policies don't count towards the 3000 client limit (which applies to manually assigned group policies).

Static IP Assignment

Change: Added note that the MX security appliance and Z-series teleworker gateway devices do not support /32 subnet mask on a WAN interface.

Device Utilization

Change: Updated section "MX Device Utilization" and "MX Recommendation".

Auto VPN Port Change FAQ

Meraki Auto VPN - Configuration and Troubleshooting

Change: Added "UDP ports" and "IP ranges for China Cloud" to FAQ "What should I do to avoid reliability issues and Auto VPN failures?".

MX Templates Best Practices

Change: Added note on how to override client VPN settings and manage client VPN users; added note that the user management section of the Client VPN configuration is also template-wide. Therefore users who connect from any of the networks that are bound to the template need to be configured in the template.

IPv6 Support on MX Security & SD-WAN Platforms [Core Fundamentals]

Change: Added "Recursive DNS Server (RDNSS)".

Meraki Z Subscription Licensing

Meraki MX/Z Security and SD-WAN Licensing

Change: Added Z4C.

Z4/Z4C Series Hardware Installation Guide

Change: Added Z4C.

VPN Full-Tunnel Exclusion (Application and IP/URL Based Local Internet Breakout)

Change: Edited for new Z Series Secure Teleworker License.

Product Firmware Version Restrictions

Change: Added MS130.

Small-Form Factor Pluggable (SFP) and Stacking Accessories

Change: Added MS130R.

MS130 Series Installation Guide

Change: Added "PoE Port Budget" and "PoE Switch Budget".

Getting started: Cisco Catalyst 9300 with Meraki Dashboard

Change: Updated download link for special IOS-XE release for C9300X-12Y, C9300X-24Y, C9300-24S and C9300-48S migration.

Dynamic ARP Inspection

Change: Added section "Hardware and software support".

MS Layer 3 Switching and Routing

Change: Added note that the alert "This switch is routing for too many hosts. Performance may be affected" will be displayed if the current number of routed clients exceeds the values mentioned in the table.

CW9166D1 Installation Guide

Change: Updated section "Mounting on a Wall or Ceiling Using Articulating Bracket".

CW9162 Datasheet

CW9164 Datasheet

CW9166 Datasheet

Change: DL-OFDMA and UL-OFDMA now available.

Video Streaming

Change: Added note that the source port used for direct LAN streaming is dependent on the browser and operating system used on the client device, is referred to as an ephemeral port, and would be covered under a TCP Any rule. The destination port used is TCP 443.

Meraki Firmware Release Process

Change: Added section "Other available versions".

Meraki Authentication Server Certificate Rotations

Change: Added note that the old (expired) radius.meraki.com certificate from last year will be removed from the device on December 4th, 2023.

Organization Settings

Change: Updated note that MSP accounts with multiple organizations having different idle timeouts configured, will follow the strictest configuration, meaning the shortest idle timeout.

Alerts and Notifications

Change: Added section "Mobile App Notifications for Alerts".

Two-Factor Authentication

Change: Added note that you will need to first Disable Two-factor authentication then start the Configuration again,  if it is needed to change the authenticator app after setup.

2 Replies 2
Inderdeep
Kind of a big deal
Kind of a big deal

@JohnIngram : Thanks for sharing 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
PhilipDAth
Kind of a big deal
Kind of a big deal

For "Cisco+ Secure Connect - Remote Access" I would like to see a section on "licencing requirements" added, perhaps under prerequisites.  Basically, how do you licence remote access users?

 

For example, "Cisco Plus Secure Connect Complete Foundation" being limited to 10 "trial" users, and if you use "Cisco+ Secure Connect Complete Essentials" how to you add on more licences, and what the AnyConnect Licence requirements are.

 

Also the Meraki and Cisco licence documents don't align properly.

https://www.cisco.com/c/en/us/products/collateral/plus-as-a-service/secure-connect-now-ds.html 

 

https://documentation.meraki.com/CiscoPlusSecureConnect/Cisco__Secure_Connect_Now-_Sites/Cisco__Secu... 

 

 

I can't even get pricing for "Cisco+ Secure Connect Complete Essentials" for remote access - Cisco tell me that while this product exists it is not orderable.

 

 

I can't even figure out the skus and licences to be able to sell a working solution for remote access.  My local Cisco and Meraki people can't tell me either.  I've hit a dead end.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.