Meraki MX & Cisco Umbrella

Shadius
Building a reputation

Meraki MX & Cisco Umbrella

Hi all,

 

I would like to know how to remove Cisco Umbrella from a Meraki network.

 

I want to be sure that anything that was previously linked or had anything to do with Cisco Umbrella is totally gone from the network/organization.

 

How can I achieve this?

 

 

12 Replies 12
PhilipDAth
Kind of a big deal
Kind of a big deal

It can be linked in several places.  Off the top of my head:

Shadius
Building a reputation

So I've removed the integration with the Umbrella API and the Cloud On-Ramp.

 

Not using MR.

 

Would those be the only places to check to make sure I'm 100% Umbrella-free?

PhilipDAth
Kind of a big deal
Kind of a big deal

You need to check DHCP as well (if the MX is doing DHCP).

Shadius
Building a reputation

Thanks @PhilipDAth 

 

The MX is not running DHCP. We run DHCP from our Windows Domain Controller(s).

DarrenOC
Kind of a big deal
Kind of a big deal

Hi @Shadius , mind if I ask why the need to remove Umbrella?  Replacing with another solution?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
PhilipDAth
Kind of a big deal
Kind of a big deal

I've had zero issues with clients on 16.16.

 

As a test, try turning off threat protection to see if the issue goes away.  If it does, turn it back on again and look for which signature is firing.  Then you can either address the vulnerability it is detecting, or whitelist it to ignore the IPS signature.

Shadius
Building a reputation

So I thought everything was working fine when we deployed Cisco Umbrella, but something seems to have gotten screwed up. We have a fiber connection and now the speeds have dropped from 1000Mbps to 100Mbps and somehow we're having issues with Outlook.

 

So I'd like to just return the network pre-Umbrella for now until I can figure out where I went wrong.

CptnCrnch
Kind of a big deal
Kind of a big deal

100 Mbps seems quite odd. Currently, tunnels to Umbrella are limited to 250Mbps, so you'll not see your fiber connection using its full capability.

 

Outlook issues? Have you excluded M365 services from your Web Policies? 

Policies -> Web Policy -> Global Settings -> M365 Compatibility

Shadius
Building a reputation

So even with Umbrella enabled, we'd be losing speeds?

 

Then Umbrella might not be worthwhile if it would mean us not getting our fiber speeds that we're paying for.

CptnCrnch
Kind of a big deal
Kind of a big deal

Guess I should get into more detail here:

The current limit is 250Mbps, you could get in touch with your sales rep as it can be uplifted to 500Mbps (depending on your sizing).

 

If you want to leverage the full speed of your fiber connection, you can additionally use more than one tunnel, by using Traffic Shaping you would at least achieve that.

Shadius
Building a reputation

Very interesting and a bit concerning.

 

We definitely don't want to lose any speeds with our fiber connection.

 

Any documentation you can point me to so I can dig into this a bit more?

CptnCrnch
Kind of a big deal
Kind of a big deal

The limitations are mentioned here: https://documentation.meraki.com/MX/Meraki_Umbrella_SDWAN_Connector/Deployment_Guide#Sizing_Consider...

 

As you always have two seperate tunnels running, you could simply use MX's SD-WAN Policy feature:

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/SD-WAN_and_Traffic_Shaping#SD-WAN_p...

Get notified when there are additional replies to this discussion.