- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
MR76 Extending the LAN for wired clients (bridge mode) using integrated port on the MR76
We are in a need to extend a group of devices connected to a industrial POE Switch located in a shack outside the building and a bit far out that we cant place the AP inside the shack so the AP needs to be weather proof thus the use of an MR76.
connectivity description:
shack devices > industrial switch with POE powering the AP and some of the devices > MR76 on a pole outside the shack,> wireless connection to meraki mesh APs that is wired connected to the main network, where the controllers for the shack devices are located.
Was able to configure the Bridge SSID on the dashboard, but when it came for me to configure the port profile to assign the port on the MR76 to the SSID, the MR76 is not in the list of devices on the device selection to assign the port profile. Does this mean im not able to use the MR76 to bridge the wired clients to the mesh? is it because it only has 1 ethernet port and its meant for lan uplink only?
what's my option here?
Solved! Go to solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Meaning you have other mesh repeaters APs in this network and people could gain access to it physically to connect to the eth port and it would still be powered via some other source?
The wired port config is a network wide setting. I suppose the only way to limit the scope here is move two APs to their own network. One is the gateway and one is the repeater.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Por profiles don't apply to MR76 - see here: https://documentation.meraki.com/MR/Client_Addressing_and_Bridging/Port_Profiles#Applying_profiles_t...
It is possible though, in principle, to extend wired LANs across a Meraki MR-based wireless link, in roughly the way you want. You will want to read this thoroughly, if you haven't already: https://documentation.meraki.com/MR/Wi-Fi_Basics_and_Best_Practices/Extending_the_LAN_with_a_Wireles... You'll note that port profiles are not used as part of this setup.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
For a visualization it should look something like this example. Just make sure in Network-wide you map the "clients wired directly to Meraki APs" to a SSID with the VLAN you want. It can be any bridge mode SSID including a SSID already used for regular wired clients.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thank you for your response both, is there no way to set this with a limited set of APs? because what is being suggested would mean all our AP, network wide, if we plug a device on any ethernet port on any AP will pass traffic since SSID authentication is not used for clients attached to physical port which would be a security hole.
will allowing the SSID be available only to the repeater AP and the nearest mesh AP means that the other AP in the network will not pass traffic to that vlan if something is plugged to the ethernet port?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Meaning you have other mesh repeaters APs in this network and people could gain access to it physically to connect to the eth port and it would still be powered via some other source?
The wired port config is a network wide setting. I suppose the only way to limit the scope here is move two APs to their own network. One is the gateway and one is the repeater.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Ryan,
We are now close to placing orders for a LAN Upgrade that includes two MR76's to provide a mesh link across a road to another building. The remote building will have an MS switch and a couple of MV cameras connected.
Will the remote MR76 boot up ok given that the LAN side of it wont have any internet hence dashboard connectivity when it boots, i.e. the mesh needs to form before the remote MR/MS/MV will have internet connectivity.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, that will work fine. I would first boot all that gear up in a lab so the devices can update to the latest firmware and grab their configs. But it's not mandatory.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Ryan, yes that is my plan to build in a lab first.
Once deployed, when we do MR firmware upgrades is there any special consideration for this setup - i.e. with downstream switches you can do staged upgrades to prevent an upstream switch from rebooting whilst the downstream ones are still downloading firmware.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No specific guidance that I've seen. But to be safe with this setup you could just schedule the firmware jobs for different times. So, for example if there's new firmware for the MR, MS, MVs update the Cameras first, then the Switch, then the AP. Keeping in mind that will of course cause two reboots of the AP (two outages for the remote building).
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry, I meant on the MR's - i.e. non danger of the upstream MR taking out the downstream one whilst its still downloading firmware?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Just wanted to thank @Ryan_Miles for all your help and here are the MR76's 'in the wild' so to speak with the sector antenna fitted....
We are getting 190-200Mbps across the link
