iMessage multimedia being blocked on Meraki wifi

DBlum
Getting noticed

iMessage multimedia being blocked on Meraki wifi

We are getting reports from users in different organizations that iMessage is getting blocked when sending images or videos when connected to Meraki access points.  This is even with the client being whitelisted as well as turning off AMP/Content Filtering/etc as well as when the SSID is either using corp lan or meraki guest.  Users have no problems sending via Whatsapp the same images/videos.

9 Replies 9
alemabrahao
Kind of a big deal
Kind of a big deal

Do you have any firewall in your network?

 

Do you have any Layer 7 firewall rule configured on your SSID?

 

Give us more details about your network.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
DBlum
Getting noticed

Various MX's (MX68, MX75, MX95)...no layer 7 firewall rule.  I had read something about making sure icloud wasn't blocked but issue is happening at several locations where networks are both flat layer 2 and layer 3 networks.  It is just iMessage send/receive video and pictures.  Setup local is MX95 connected to MS125 and MR46 AP with client whitelisted.

alemabrahao
Kind of a big deal
Kind of a big deal

If you don't have any firewall rule, the way is open a support case.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
DBlum
Getting noticed

Case is open, they have no idea right now and  wanted to see if anyone else was having the same issue.

DarrenOC
Kind of a big deal
Kind of a big deal

Hi @DBlum , out of interest do you get the same behaviour on both wired and wireless networks?

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
DBlum
Getting noticed

So in talking with Meraki support it seems that subnet 17.250.96.0/22 is being associated to Taiwan for Apple and doing a correction with Maxmind to correct since they use them for geolocation. Weird thing they are still checking on is that whitelist is also being affected by Geolocation layer 7 rules.

4TireFire
Conversationalist

We had to add Taiwan to our allowed countries list in the MX. iMessage pictures sent immediately.

DBlum
Getting noticed

You can use MaxMind to determine location:

https://www.maxmind.com/en/geoip-demo

 

This is what Meraki uses, I did get confirmation that it will be corrected to USA on their next update cycle next Tuesday

TBHPTL
A model citizen

Check the AP's firewall.... and AP group policies... If MX, also make sure no policy is applied to the actual MX interface.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels