I have two Meraki MV cameras plugged into a Meraki switch. They show intermittent connections and are not getting added to my dashboard even after "Claiming" them.
Here is a clip of the logs:
Feb 27 05:50:19 | ac:17:c8:aa:75:c6 | Port status change | port: 23, old: down, new: 1Gfdx | |
Feb 27 05:50:16 | ac:17:c8:aa:75:c6 | Port status change | port: 23, old: 1Gfdx, new: down | |
Feb 27 05:49:59 | ac:17:c8:aa:75:c6 | Port status change | port: 23, old: down, new: 1Gfdx | |
Feb 27 05:49:37 | ac:17:c8:aa:75:c6 | Port status change | port: 23, old: 1Gfdx, new: down | |
Feb 27 05:45:17 | ac:17:c8:aa:75:c6 | Port status change | port: 22, old: down, new: 1Gfdx | |
Feb 27 05:45:15 | ac:17:c8:aa:75:c6 | Port status change | port: 22, old: 1Gfdx, new: down | |
Feb 27 05:44:59 | ac:17:c8:aa:75:c6 | Port status change | port: 22, old: down, new: 1Gfdx | |
Feb 27 05:44:36 | ac:17:c8:aa:75:c6 | Port status change | port: 22, old: 1Gfdx, new: down | |
Feb 27 05:35:22 | ac:17:c8:aa:75:c6 | Port status change | port: 23, old: down, new: 1Gfdx | |
Feb 27 05:35:19 | ac:17:c8:aa:75:c6 | Port status change | port: 23, old: 1Gfdx, new: down | |
Feb 27 05:35:03 | ac:17:c8:aa:75:c6 | Port status change | port: 23, old: down, new: 1Gfdx | |
Feb 27 05:34:40 | ac:17:c8:aa:75:c6 | Port status change | port: 23, old: 1Gfdx, new: down | |
Feb 27 05:29:56 | ac:17:c8:aa:75:c6 | Port status change | port: 22, old: down, new: 1Gfdx | |
Feb 27 05:29:53 | ac:17:c8:aa:75:c6 | Port status change | port: 22, old: 1Gfdx, new: down | |
Feb 27 05:29:37 | ac:17:c8:aa:75:c6 | Port status change | port: 22, old: down, new: 1Gfdx | |
Feb 27 05:29:14 | ac:17:c8:aa:75:c6 | Port status change | port: 22, old: 1Gfdx, new: down | |
Feb 27 05:20:00 | ac:17:c8:aa:75:c6 | Port status change | port: 23, old: down, new: 1Gfdx |
Maybe they reboot because they dont get a dashboard connection. First make sure you see them in your dashboard.
Do you get any error or message when adding them?
Check your Organization > Inventory, see if the 2 cameras are showing up there, if not, they were not claimed into your Dashboard Organization, and you can open a case with Meraki Support in case there's some issue with your order number, but you should also be able to claim them by serial number - although that wouldn't also claim the license that might have been on the same order, so reach out to your Meraki rep or Support to also claim the license key for the two additional cameras.
If the 2 cameras ARE showing up in your inventory, I'm guessing they're not assigned to a network yet. Turn on the "name" and "network" columns on your inventory page to confirm, and select them both and add them into the network where they are being connected. Let us know if that was the case and they're still not coming online.
If you go into the individual switch ports page, where you can see the CDP/LLDP info, are they showing up as MV Cameras and below that does the switch port show the camera as a current client and does it have an IP and VLAN? And if so, can you ping it? There should be a live link to ping it right from that same page.
Thank you!
Yes they are in Inventory and No they are not assigned to network or name.
I added them to the network. Its showing now and they periodically have orange dots and back to green on and off.
@Trabel if you hover your mouse cursor over the orange part of the connectivity bar what does it report?
It is periodic. It'll be orange and green.
I didn't see that step in any of the Meraki upstream firewall documentation.
I don't see any blocks on the firewall for those ports going out accept the cameras attempting at to reach 108.161.147.44 on TCP8890.
I'm not sure why Google Play Store is critical for the Cameras operation which seems to be what 5228-5230 is for.
@Trabel Just because port 5228 is commonly used by Google playstore doesn't mean they own that port range.
Something on your network whether its firewall or DNS is stopping the cameras from communicating with the dashboard. Have you tried factory resetting the cameras to see if that helps?
Haven't done a factory reset. That may be something since only one of the two cameras is having issues. It won't ping from the dashboard but I can ping its IP on my network.
With the 5228-5230 firewall port access, wouldn't I see the IP of the cameras attempting to hit it?
Yes, they're getting DHCP
I see them connected as Assets in the dashboard however I don't see the "Cameras" link in the left menu.
I didn't see any errors.
If you do not see a "Cameras" menu option in addition to the "Switch" menu then perhaps the cameras are in a different network. If you want them in the same Dashboard network, select the network drop down and choose "view all networks" and select both and click the combine button.
This sounds like it's something upstream related. Have you had a chance to confirm the cameras have the proper outbound connectivity to communicate with Dashboard? Is there an alternate VLAN you can place them on, perhaps temporarily, with open Internet access, just to rule out an upstream ACL or firewall or NAT boundary issue?
If the cameras are getting a DHCP address on the correct VLAN and are pingable, it's pointing to an upstream issue. Many times it's plug and play if outbound traffic is allowed by default and your stateful firewalls naturally allow the reverse inbound traffic. But in some environments with more restrictive firewall policies, where even outbound access is restricted by default, you may need to open some ports to specific subnets in the Meraki cloud.
Meraki Dashboard has a self-maintaining spreadsheet of exactly what rules would be allowed, based on what you have deployed and what features you have enabled. You'll see it under Help > Firewall Info.
One other thought, in addition to pinging between the switch and the camera, can you get positive reaults when you select "Ping Camera" from the Dashboard itself?
Point taken on the documentation, I've mentioned in the past this should be a footnote in the various installation guides, I think I've perhaps seen it referenced in some, but definitely not in others. Will remind the documentation team.
Thank you for the detailed update!
I have opened all necessary access to the IP's and ports recompensed by Meraki. The 5228-5230 one that was just noted earlier that doesn't make any sense as the camera IP's show zero attempts at reaching it in my firewall event log. TCP8890 and NTP are the only ones getting blocked.
Only one of the two cameras have plugged in appears to be having an issue. Might be isolated to the camera itself.