Are you referring to this specific known issue in 14.34 firmware? In conditions still under investigation, group policy assignment via Active Directory group mappings is not performed correctly for MX67(C,W) and MX68(W,CW) units. Not sure if it would help but I believe you can upgrade to a 15.X train if you contact support. Might have a fix for the Radius bug your mentioning. As for #2 I would contact your account rep directly and complain. ... View more

@The_Dude   I recommend your contact your Meraki account rep directly. These forums are not really the right way to escalate an issue like this. I know they are monitored but I honestly do not know to what extent. ... View more

Which error specifically are you getting @rrehart01 ?    There were several mentioned in this thread originally. ... View more

I've not personally set it up, but here are some guides. https://create.meraki.io/build/network-alerting-in-webex-teams-with-webhooks/ https://meraki.cisco.com/blog/2018/10/real-time-alerting-with-webhooks/ https://create.meraki.io/guides/webhooks/ ... View more

I would imagine they support all major browsers, but I would lean towards Chrome if I were you. Do you have some sort of setup that auto refreshes the page every minute or couple minutes or something? That might get in front of the issue your having if you don't.   Edit: Also I understand your frustration. The old map view system all around worked great, and the new view modes have been so buggy I'm not sure how they are passing QA before they get pushed to us customers. ... View more

Seems to be working fine for me. I'm on shard n76, so if you on a different one it might not be affecting me. ... View more

Hello CHGR, Your access point needs access to the internet. It is broadcasting that SSID as a way of informing you that it can't reach its gateway. <SSID_name>-scanning Cause: Similar to 'bad-gateway', an AP is unable to connect to its default gateway. Solution: Check the AP's IP address configuration and reachability to its default gateway. The port you connected it to on your switch, you need to ensure that it can reach the internet. Make sure the port is configured correct, the right VLAN, access or trunk mode etc. If your going to assign the AP with a static IP address via the local page, make sure that you have that part configured correctly and that you have VLAN tagging enabled or disabled (depending on how you have your port setup). ... View more

Can you try the speed test with a different client and if so do you get the same 10Mbps results? Also just in case try a different channel other than 161 (most likely fine but you've got nothing to lose). ... View more

The current new built-in cellular models only support Verizon or AT&T. You mentioned you have Sprint, so these won't work. There are a variety of USB based cellular cards you can get, see the list here: Scroll down until you see 'Supported USB Modems': https://documentation.meraki.com/MX/Cellular/3G_-_4G_Cellular_Failover I however would suggest you get an LTE hotspot from Sprint, that has an Ethernet connection. Not sure if they have these models, but I know Verizon and AT&T both have them. If you get one of their hotspots that has an Ethernet port, then you can avoid any hassle/bottle neck issues with the USB's. You would simply plug it into the WAN port on any model MX you choose that fits your needs. Like an MX64 or MX65 which would be less expensive. ... View more

You could use the 'Event type ignore' option to remove what you don't want to see. ... View more

Can you confirm your settings under Wireless>Configure>Firewall and Traffic Shaping ... View more

@MacuserJim   What specifically are you running into with your MR32? If you don't mind me asking. Just curious ... View more

@MFiruz   I don't think you can do what you want. As you mentioned in the document, the track by IP is only doable by the MX, and at the same time cannot be done if using combined network (which I honestly was not aware of, so this is good to know).   Just tried it in my lab (MX/MS/MR) and got this.   ... View more

That is what I was thinking but I would imagine they knew before the public did so that they could address it internally. ... View more

I thought the same thing so I reached out and that is when they told me 25.13 has the patch. Pretty sure they were doing to address this in some sort of dashboard notification or blog but I don't recall seeing anything directly from Meraki from a PR stance. ... View more

Only option I see via API is to update group policy assigned to a single device on a specific network. {{baseUrl}}/networks/{{networkId}}/clients/{{clientMac}}/policy?timespan=2592000 { "devicePolicy": "group", "groupPolicyId": 102 } I honestly think it would be easier to do this via the dashboard. Show only the corp SSID for the past 30 days, and just select all the corp devices on the client list view and change the policy to different policies by SSID and block them from guest. ... View more

At first I thought you need to enable Network-Wide>Configure>General>Traffic Analysis>Detailed (to collect hostname visibility).   However, I have this enabled already, and I checked some event logs for my MX and I see the same thing.     I found this old thread about a beta program but it looks like its closed now. I don't see this feature on my settings page anywhere so not sure what this actually did.   https://community.meraki.com/t5/Security-SD-WAN/Need-internet-activity-log-of-each-client/td-p/7649    Not sure how to get the entire URL. ... View more

If you have the BLE features disabled then your not at risk, per Meraki support. Also they patched this in 25.13, again per Meraki support. ... View more

Adding @PhilipDAth as I know he has experience with Azure and vMX (since I don't). ... View more

Here are some link's that might help:   https://documentation.meraki.com/MX/Installation_Guides/vMX100_Setup_Guide_for_Microsoft_Azure https://www.reddit.com/r/meraki/comments/5a1nbf/meraki_to_azure_ipsec_site_to_site_vpn/ https://www.linkedin.com/pulse/cisco-meraki-azure-vpn-philip-d-ath/     ... View more

I can't find any documentation about using the new cellular models built-in LTE in addition to a USB dongle. I'm going to assume you can't. You'll just have to try it out lol. What I do know will work (even though its not technically supported) is using two MX67C. Say one has Verizon and the other AT&T. So you have your redundancy carrier wise. And you can setup warm-spare with them (again not officially supported), but it does work. Fail-over won't be seamless, its about 5 seconds or more fail-over from my testing. If your looking for more flexibility I think you could get two cradlepoints as your LTE 'modems', and plug them into WAN 1 and WAN 2 and the MX won't know they are LTE devices and just act like they are normal circuits. That would also allow you to mount them wherever you want via Ethernet cable, so they won't be stuck where the MX has to sit the way the built-in modem in the MX has to. Might get better signal that way etc. ... View more

@Johno_H   Actually after further review I'm not sure how it will work if your using that 4G dongle in addition to the built in. Not sure if you can use both to be honest   From this page: https://documentation.meraki.com/MX/MX_Overviews_and_Specifications/MX67_and_MX68_Overview_and_Specifications   Is this SD-WAN over LTE? Can LTE be used as the primary uplink? No. LTE link can be used as failover or single-uplink only.   So I know you can use the built-in LTE by itself as I have done this. It will work, just not sure what will happen if you try to use that dongle 4G thing your talking about.  A backup for the backup etc.     ... View more

This is the beauty of Meraki Auto-VPN. You don't need static IP addresses to establish the tunnels. Since they are cloud managed, the cloud knows their public IP's and takes care of all the dark magic voodoo for you. Each connection you have on the MX (WAN1/WAN2/CELL etc.) will build its own tunnel so fail-over should be smooth should one go down. In theory your design should work though. I've done something similar, but the 4G was a backup. I'm sure your aware of the financial costs you could end up with using 4G as the main circuit 😃 I'd recommend you review this as well: https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-site_VPN_Settings ... View more

Just make sure you get the ones that support it. I think its MS250 and up. https://meraki.cisco.com/lib/pdf/meraki_datasheet_ms.pdf ... View more