Started off the dat trying to build a group policy in dashboard to allow facebook access for some users. And found so many cans of worms that I dont know where to start and can use some guidance.
When I hit event log I see a computer that Meraki associates my AD account signing into, but not my computer. I click on that computer and it than says someone else is has authenticated to it (Still not the person actually signed in), and that it is now on a completely different VLAN.
So list of different issues, Im not to sure where to start. Anyone able to point me in the right direction? Is there any more information that might be helpful?
Sorry about the delay, last week quickly got away from me but I figured out the problem and have another.
We have a Cisco 3850 stack as a core. So all the routable VLANs come back to core, core redirects to management VLAN which is set to default gateway, and than is sent to MX. This is resulting in all of our internal traffic being seen as traffic from our core and not from all the endpoints and I think that is where the mixup is happening.
1. If we break up the network and do not go with the "Combined Hardware" style, and than track via IP instead of MAC, would this fix the issue? Would this also enable us the ability to use Group Policies in Meraki?
2. Is there another way to do it? Right now the only VLAN that is routed in the core and defined in the MX is the management VLAN. I was thinking adding the VLANs to the MX and setting the native VLAN to the Mgmt VLAN. This would add a lot of broadcast traffic to the MX that would need to be filtered through but I am not entirely sure it would not cause issues with double reporting in the MX.