Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Cisco Meraki Adaptive Policy - MS switching SGT packets

TMOHR87
Comes here often
Tuesday
Tuesday

Cisco Meraki Adaptive Policy - MS switching SGT packets

Need to confirm if Meraki switching HW model MS120 will pass or be able to identify/forward SGT's (Secure Group Tags) via CMD packet header to a tagged network/endpoint or MR44 WAP?

 

Not finding any clarification here:
Adaptive Policy MS Configuration Guide - Cisco Meraki Documentation

 

Thanks!

 

-Todd

Labels:
0 Kudos
Subscribe
8 Replies 8
KarstenI
Kind of a big deal
Kind of a big deal
Tuesday
Tuesday

MS120 is not SGA capable. Only MS130-X and the Catalyst platforms.

Subscribe
In response to KarstenI
DustinS
Meraki Employee
Meraki Employee
Tuesday
Tuesday

Adaptive Policy is also supported on the MS130R platform.

0 Kudos
Subscribe
In response to DustinS
KarstenI
Kind of a big deal
Kind of a big deal
Tuesday
Tuesday

Oh, yes, I forgot about that nice little device!

0 Kudos
Subscribe
In response to DustinS
DarrenOC
Kind of a big deal
Kind of a big deal
Tuesday
Tuesday

Hi @DustinS 

 

This document only refers to:

 

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Adaptive_Policy_Overv...

 

Hardware Requirements:

  • MS390 / C9300-M: all models


probably worth a review and update.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
Subscribe
In response to DarrenOC
DustinS
Meraki Employee
Meraki Employee
Tuesday
Tuesday

Thank you for pointing this out. The document has been updated.

Subscribe
In response to DustinS
PhilipDAth
Kind of a big deal
Kind of a big deal
Wednesday
Wednesday

To add further to this, you have to be using the super new beta MS17 code to get SGT on MS130X/R.  The release notes state these MS130s are supported

 

  • Adaptive Policy on MS130X/R models

 

On the C9300 you have to have an MS "Advanced" licence.  For MR you have to have an "MR Advanced Licence".

 

I can't find anything about licencing for the MS130X/R to enable adaptive policy, and I can not find any related licences than can be ordered.

 

I have every licence you can think of, an MS130X, and are running the MS17 beta software and I don't get the option to enable SGT on an MS130X.  It works fine on a C9300 in the same network.

 

 

My thoughts - if you want to use SGT stick to the C9300 at this point in time.

0 Kudos
Subscribe
DustinS
Meraki Employee
Meraki Employee
Wednesday
Wednesday

Correct. Hardware support for MS130X/R switches is being delivered in MS17, which recently entered Beta.

For a limited period of time, Adaptive Policy is available to trial free of charge via the Meraki Early Access Program. Users can navigate to this page in dashboard and opt-in to "Adaptive policy (AdP)on MS130X and MS130R", thus enabling it to work on MS130X/R switches 

If you opt-in to use AdP on the MS130X/R - you are presented with a disclaimer in Dashboard that states use of this feature will require an advanced license after the limited trial ends. We will communicate the end of the limited trial period well in advance to allow users who desire to use AdP plenty of time to purchase licensing.

Advanced licenses for MS130X/R switches are available to purchase today in both co-term and subscription licenses. 

0 Kudos
Subscribe
In response to DustinS
PhilipDAth
Kind of a big deal
Kind of a big deal
Wednesday
Wednesday

I just tried this - and it worked!

 

And even better, some of the "quirks" I had ran into using Adaptive Policy not longer exist in MS17.  This feature is now working much better.

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.