Hi,   You shouldn't need routes setup on the vMX, as you should see them advertised over the VPN from the MX.   If you take them off do you see them advertised?   As suggested packet captures will help troubleshoot   Good luck ... View more

A agree with @Raj66 .   >antennas like that band steering will seriously mess you up   Hmm, interesting question.  I think I would leave band steering off.  If a client can only just hear the 5ghz signal the AP wont send them a beacon on the 2.4Ghz band. https://documentation.meraki.com/MR/Radio_Settings/Band_Steering_Overview#How_Band_Steering_works   >are they best for point to point or to cover an area like a flashlight would, or does it not really matter and it can do both,  They can do both.  For example, they are often used in warehouse isles to point down between the shelves. ... View more

The above statement is correct. While device ownership can be transferred between end customers, licensing can not. See the following link from meraki documentation explaining the guidelines regarding this. https://documentation.meraki.com/zGeneral_Administration/Inventory_and_Devices/Cisco_Meraki_Devices_purchased_Second_Hand ... View more

Thanks @Raj66    Why would this newly transplanted MR52 set on repeater mode which is now a Gateway have so much trouble seeing current mesh neighbors? Does it take time to find them? Automatic should allow that discovery on boot, no?  ... View more

@Priesty I have never tried Power Bi or any other restful APIs but it worked with MQTT for me. What error are you seeing when running the query? The following document would be a good starting point to see if you have everything configured correctly.   https://developer.cisco.com/meraki/mv-sense/#!rest-api/enable-api   Cheers!   Raj ... View more

  @MeredithW and @CarolineS , I forgot to thank you for the swag. But since I found it violated yesterday I was reminded of that. Thanks! ... View more

Hi, @Azamat    Chances are there is already a route in the routing table with a lower cost/AD to the destination, therefore it will use that by default. Check to see if you have a default route or a direct connect. I use OSPF with our one armed concentrator and it works very well. Something to think about as it's much easier to scale. ... View more

Agreed.  My problem is pushing out the agent, not pushing out additional apps.  I suspect that once the agent is installed then I will be able to push out additional apps successfully as well. ... View more

Yep, this needs to be done alot if your provider router only has one LAN interface and you need to connect an HA firewall pair. Just use an external VLAN on your switch. Make sure that VLAN is pruned off from any trunks inside the LAN and make sure your switch mgmt ip is on an internal VLAN. ... View more

I really like the way VLAN's are handled in Meraki Dashboard. ... View more

that depends if you want the MR to be in the same subnet as the MS. Secondly if you want to configure the multiple subnet then you need to configure MS port as trunk or if you want to advertise only single subnet then it would be access port. ... View more

Thanks for reporting back @GergelyK . ... View more

I would say customize the splash page. You can make more fields and write the code to send an email with those fields data to the approver. Ideally you could use a Google Form and have all the fields you want and then have those pushed in the email, but that isn't available yet. Sponsored guest is pretty new (no API calls im aware of) so I would expect updates in the pipeline. ... View more

I would recommend to tell them also, to get the IP out of the dhcp pool after you put it as your APs static IP... Otherwise another device yould get that IP when your MR is offline several hours or days, depending to their leastime. ... View more

The 2nd network's admin (a contractor) says that while the SonicWall can do VLANs, they're not configured for it. I confirmed the static LAN IP and their static routing is still 192.168.0.135 as before with the Cisco, so using the same settings on Meraki should work. <br>Troubleshooting late yesterday he attempted to sidestep the VLAN tagging issue by making a VLAN 2 on his router with the subnet 192.168.1.0/24, bridge interface IP 192.168.1.135, and having it static route everything from 192.168.0.0/24 both ways, leaving the original network unchanged and un-disrupted. Still no joy. ... View more

Hi Raj, Thank you for that, works perfectly. Had a feeling it would be buried somewhere. Thanks Gary ... View more

Yes, they work as normal as if you would have something else from meraki there.     ... View more

@PhilipDAth wrote: Double check the pre-shared key.  Note that some clients don't handle complex passwords for the PSK, so if yours is using puntucation symbols and the like try making it simpler.   However, most LTE providers don't let client VPN traffic through like this.  You may be able to use a different APN that does not run through a firewall.  For example, if you are in New Zealand the APN "internet" gives you a public IP address and does not have any ports blocked by the Telco. On the mobile phone I have configured and activated the appropriate "Internet" APN, but there appears to be a common IP address for all Internet users. I did not need this additional profile to access the internet previously, and had no difficulty accessing OneDrive. ... View more

If you have a spare device what is unused, be sure it isn't in any network..   devices can be in you inventory without taking a license 😉 ... View more

Hello Philip am enrolling a windows 10 laptop ... View more

>Since that traffic from the trusted IPs can be sniffed easily, then the attacker can spoof the IP easily and get around it.    RDP traffic is encryted, so sniffing is not really an issue in this case.   Spoofing the IP address and maintaining a TCP stream is non-trivial for a connection that runs over the Internet when you don't hace access to the source (aka you are a remote man in the middle).  For a start you don't get any of the return traffic.  Just forming the TCP session is a mission. ... View more