Meraki

Community

MR76 Extending the LAN for wired clients (bridge mode) using integrated port on the MR76

Solved
RobbyD
Conversationalist
‎Sep 19 2023 11:37 PM
‎Sep 19 2023 11:37 PM

MR76 Extending the LAN for wired clients (bridge mode) using integrated port on the MR76

We are in a need to extend a group of devices connected to a industrial POE Switch located in a shack outside the building and a bit far out that we cant place the AP inside the shack so the AP needs to be weather proof thus the use of an MR76.

 

connectivity description:

shack devices > industrial switch with POE powering the AP and  some of the devices > MR76 on a pole outside the shack,>  wireless connection to meraki mesh APs that is wired connected to the main network, where the controllers for the shack devices are located.

 

Was able to configure the Bridge SSID on the dashboard, but when it came for me to configure the port profile to assign the port on the MR76 to the SSID, the MR76 is not in the list of devices on the device selection to assign the port profile. Does this mean im not able to use the MR76 to bridge the wired clients to the mesh? is it because it only has 1 ethernet port and its meant for lan uplink only?

 

what's my option here?

0 Kudos
1 Accepted Solution
In response to RobbyD
Ryan_Miles
Meraki Employee All-Star Meraki Employee All-Star
Meraki Employee All-Star
‎Sep 20 2023 12:33 PM
‎Sep 20 2023 12:33 PM

Meaning you have other mesh repeaters APs in this network and people could gain access to it physically to connect to the eth port and it would still be powered via some other source?

 

The wired port config is a network wide setting. I suppose the only way to limit the scope here is move two APs to their own network. One is the gateway and one is the repeater.

View solution in original post

10 Replies 10
GreenMan
Meraki Employee All-Star Meraki Employee All-Star
Meraki Employee All-Star
‎Sep 20 2023 2:48 AM
‎Sep 20 2023 2:48 AM

Por profiles don't apply to MR76 - see here:  https://documentation.meraki.com/MR/Client_Addressing_and_Bridging/Port_Profiles#Applying_profiles_t...

 

It is possible though, in principle, to extend wired LANs across a Meraki MR-based wireless link, in roughly the way you want.   You will want to read this thoroughly, if you haven't already:    https://documentation.meraki.com/MR/Wi-Fi_Basics_and_Best_Practices/Extending_the_LAN_with_a_Wireles...   You'll note that port profiles are not used as part of this setup.

Ryan_Miles
Meraki Employee All-Star Meraki Employee All-Star
Meraki Employee All-Star
‎Sep 20 2023 7:22 AM
‎Sep 20 2023 7:22 AM

For a visualization it should look something like this example. Just make sure in Network-wide you map the "clients wired directly to Meraki APs" to a SSID with the VLAN you want. It can be any bridge mode SSID including a SSID already used for regular wired clients.

 

Screenshot 2023-09-20 at 07.16.17.png

In response to Ryan_Miles
RobbyD
Conversationalist
‎Sep 20 2023 11:52 AM
‎Sep 20 2023 11:52 AM

Thank you for your response both, is there no way to set this with a limited set of APs? because what is being suggested would mean all our AP, network wide, if we plug a device on any ethernet port on any AP will pass traffic since SSID authentication is not used for clients attached to physical port which would be a security hole.

 

will allowing the SSID be available only to the repeater AP and the nearest mesh AP means that the other AP in the network will not pass traffic to that vlan if something is plugged to the ethernet port?

0 Kudos
In response to RobbyD
Ryan_Miles
Meraki Employee All-Star Meraki Employee All-Star
Meraki Employee All-Star
‎Sep 20 2023 12:33 PM
‎Sep 20 2023 12:33 PM

Meaning you have other mesh repeaters APs in this network and people could gain access to it physically to connect to the eth port and it would still be powered via some other source?

 

The wired port config is a network wide setting. I suppose the only way to limit the scope here is move two APs to their own network. One is the gateway and one is the repeater.

In response to Ryan_Miles
Dunky
Head in the Cloud
‎May 28 2024 3:22 AM
‎May 28 2024 3:22 AM

Hi Ryan,

We are now close to placing orders for a LAN Upgrade that includes two MR76's to provide a mesh link across a road to another building.  The remote building will have an MS switch and a couple of MV cameras connected.

Will the remote MR76 boot up ok given that the LAN side of it wont have any internet hence dashboard connectivity when it boots, i.e. the mesh needs to form before the remote MR/MS/MV will have internet connectivity.

 

 

 

0 Kudos
In response to Dunky
Ryan_Miles
Meraki Employee All-Star Meraki Employee All-Star
Meraki Employee All-Star
‎May 28 2024 7:26 AM
‎May 28 2024 7:26 AM

Yes, that will work fine. I would first boot all that gear up in a lab so the devices can update to the latest firmware and grab their configs. But it's not mandatory. 

In response to Ryan_Miles
Dunky
Head in the Cloud
‎May 28 2024 7:35 AM
‎May 28 2024 7:35 AM

Thanks Ryan, yes that is my plan to build in a lab first.

 

Once deployed, when we do MR firmware upgrades is there any special consideration for this setup - i.e. with downstream switches you can do staged upgrades to prevent an upstream switch from rebooting whilst the downstream ones are still downloading firmware.

0 Kudos
In response to Dunky
Ryan_Miles
Meraki Employee All-Star Meraki Employee All-Star
Meraki Employee All-Star
‎May 28 2024 7:39 AM
‎May 28 2024 7:39 AM

No specific guidance that I've seen. But to be safe with this setup you could just schedule the firmware jobs for different times. So, for example if there's new firmware for the MR, MS, MVs update the Cameras first, then the Switch, then the AP. Keeping in mind that will of course cause two reboots of the AP (two outages for the remote building).

0 Kudos
In response to Ryan_Miles
Dunky
Head in the Cloud
‎May 28 2024 7:41 AM
‎May 28 2024 7:41 AM

Sorry, I meant on the MR's - i.e. non danger of the upstream MR taking out the downstream one whilst its still downloading firmware?

0 Kudos
In response to Dunky
Dunky
Head in the Cloud
‎Oct 18 2024 7:02 AM
‎Oct 18 2024 7:02 AM

Just wanted to thank @Ryan_Miles for all your help and here are the MR76's 'in the wild' so to speak with the sector antenna fitted....

Dunky_0-1729260080215.png

Dunky_1-1729260104934.png

We are getting 190-200Mbps across the link

Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.