Congrats to all !   ... View more

Yes, it’s definitely possible to use MPLS as the primary link and keep SD-WAN as a failover on Meraki. The setup is actually straightforward once you configure routing correctly. :https://community.meraki.com/t5/user/viewprofilepage/user-id/102579 e.g. this post  How to Set It Up 1. Build a static route for MPLS On both MX devices (hub + spoke), create a static route that points to the MPLS next-hop. Mark it as "active when next-hop responds" so the MX automatically disables it if MPLS fails. Because it’s a static route, it becomes the preferred path. 2. Keep SD-WAN VPN enabled as the secondary path SD-WAN will continue forming VPN tunnels over the WAN ports. When MPLS drops, the static route becomes inactive, and the MX automatically shifts traffic to the SD-WAN VPN tunnel. 3. (Optional) Use VLANs if needed If MPLS comes in as a Layer 3 handoff (not simple LAN), you may need a separate VLAN or transit network. But if it’s a simple handoff and you want it clean, you can keep your basic setup. 4. No extra hardware required Your MX68 → MX95 hub/spoke setup works fine for this design. MPLS acts like a LAN path to the hub, while SD-WAN is your internet-based fallback. What You Get MPLS = Primary route (preferred due to static route) SD-WAN = Automatic failover (when MPLS next-hop stops responding) No manual switching No added equipment Simple, stable configuration for SMB ... View more

I just wanted to point out that the PowerShell command here does not provide a complete list.  It only shows one PID per unique "Local Address".  So if you have 2 different applications using the same port on 0.0.0.0, only one will show with this command.     It is not as clean, but netstat will get you everything.  There is probably some parsing that could be done to ONLY display the port you want, but i haven't taken the time.   Examples run on the same system at the same time:     Get-NetUDPEndpoint -LocalPort 5353 | Select-Object LocalAddress,LocalPort,OwningProcess,@{ Name="ProcessName"; Expression={((Get-Process -Id $_.OwningProcess).Name )} }   LocalAddress LocalPort OwningProcess ProcessName ------------ --------- ------------- ----------- :: 5353 2340 svchost 0.0.0.0 5353 2340 svchost   ------VS------ netstat -nabqp UDP   Active Connections Proto   Local Address   Foreign Address   State <SNIP> UDP 0.0.0.0:5353 *:* [chrome.exe] UDP 0.0.0.0:5353 *:* Dnscache [svchost.exe] UDP 0.0.0.0:5353 *:* [chrome.exe] UDP 0.0.0.0:5353 *:* [msedge.exe] UDP 0.0.0.0:5353 *:* [msedge.exe] <SNIP>   ... View more

Thanks, I'm a newbee.! Found under manufacturer. Store Name = xxxxx, Client: <type>, MAC: 00:40:84:53:48:27, IP: 10.11.229.60, OS: None, Manufacturer: Honeywell, DeviceTypePrediction: None ... View more

I just tried, and it said "Routed ports are not allowed on this device". ... View more

Yes, that's the strange thing. The api doesn't match with the gui, or real live. Or i'm questioning the wrong api.   ... View more

Closing the loop on this , I'm now able to see the banner :    I might have some cleanup to do. ... View more

It worked , but still not pleasant. ... View more

I'm curious since TLS decryption is available on C8xxx routers in SD-WAN that they will once again try to make that available in MX mode. ... View more

Can any of you try a port that is down/disconnected ? Ports that are Up are working on my end , only ports that are down are affected. odd.. ... View more

Thanks for your input @pjc On some sites before we put in CW9172's we did deploy some MR36's and these were almost the same in terms of coverage with the MR33's. Therefore we assumed (wrongly) that the CW9172's would be the same or similar, but looks like we were wrong and the CW9172 do not perform as well. ... View more

For what its worth.  We disabled 802.11be and and have been stable(ish) from a roaming / client association standpoint.   At least the phones stopped ringing.   We are using CW9176I  WPA3 2.4 / 5 / 6ghz radios enabled on MR 31.1.8.  Tuning off BE was the biggest impact for stability.   Now why did we pay for WiFi 7 when we can't use it...  Maybe one day....     ... View more

@Oren , @MinseK    We are going to enable AI-RRM on a large Organization ( 5100 APs ) before the end of the year.    I'm still wondering if the raw data will be available via API. I'm trying to "sell" this licence/feature to management and prove this was a good investissement.    I can see that we have these graphs directly from the dashboard :  Having these scores via API would help us a lot. ... View more

For sure , as mentionned by alemabrahao and Philip , you might encounter limitations. ... View more

Also, as soon as the user permission changes (read to write, write to read, network admin to org admin, etc’) - their API key’s privileges will reflect the change too. ... View more

Well that was an annoying 30 mins. Thanks for the link. ... View more

I enabled it via Early Access, but I'm not able to fill the energy prices in the Network so I also requested access for the Beta. This is very interesting from a sustainability perspective. ... View more

I wonder if this :  Corrected an issue that could result in MX appliances reaching out to Cisco Umbrella endpoints even when the Cisco Umbrella integration was not enabled. (MX-11668)   Is the case that I have opened back in feb 2024* lol ... View more

To close the loop on this, the documentation has been updated and the "nonce" reference has been removed. ... View more

If you go Organisation/Overview you can see a map of all your devics, which ones are alerting, and which ones are down.       This allows you to quickly see if an outage is related to a geographic region or is widespread.     ... View more

Perfect then , I'm closing this thread.   I just wanted to scare you a little bit on this Halloween day 😉               ... View more

Thank you all, Monday we have a TAC session between 3 and 4 and will share their findings.  for today i turned off a second SSID we were setting up for EAPTLS with corporate laptops and the other guest internet SSID suddenly started working!!  so currently no device roaming, no drops and all looks good.  TAC have also admitted there is a separate ongoing investigation into the CW9176I ap due to customer issues.  ... View more