About tantony

tantony · ‎02-28-2019

Thank you. When you say RADIUS server, do you mean an actual server or can the MX be a server? Can I use something like https://jumpcloud.com?

tantony · ‎02-28-2019

I'm using Meraki Cloud authentication for VPN, and it's working well. My question is, what's the difference between RADIUS and Active Directory (AD) authentication for VPN? I know for AD, the user logs in with their username and password. What about RADIUS? Where is the username and password info coming from? Is that still coming from AD or do I need to create it locally on the Meraki? Also, I know with AnyConnect you could use RSA for 2 factor authentication. Is there anything for Client VPN? Right now, we have one VPN account for Meraki cloud authentication, and everyone is using that one account for VPN. I think it might be better for each users to have their own account.

tantony · ‎02-27-2019

I guess it's a Windows 7 issue because when I connected to VPN on Windows 7, I could ping it by ip and dns. But, if I try to go to folder by unc path, it won't work, only by ip. I just changed the path from dns to ip address, so it's working now.

tantony · ‎02-27-2019

Ok that’s what I thought. I tried the same file path and I had the same issue. We we had a power outage so we had to shutdown all of our servers. I restarted the servers when the power came back. So may be something to do with it. Thanks

tantony · ‎02-26-2019

Can I make an account in AD, and create an alias pointing to abcd@company.com?

tantony · ‎02-26-2019

I’m using Meraki cloud authentication for VPN, so the username is in abcd@company.com and password format. After a user connect to VPN, and try to go to a file path, it’s prompting to login again. They can only access the files if they login with their AD account. How can I fix this?

tantony · ‎02-26-2019

We've been getting lots of DoS attacks on our Comcast router, so I changed the firewall on the Comcast router from minimum to maximum hoping this will prevent more DoS attacks. I noticed that when I have the Comcast firewall to maximum, Meraki thinks it lost connection to the Meraki Cloud, but obviously not because I can surf the internet. When I switch the Comcast router firewall to minimum, Meraki regains connection back to the cloud (even though it never lost connection). Any recommendations? Is it a good idea to have the Comcast / ISP router firewall to maximum? Is there a way to make MX84 aware it is connected to the cloud?

tantony · ‎02-26-2019

I think it's a user or Windows 7 issue because other people who are on VPN can connect by DNS with their Windows 10 computers. We only have this one user using Windows 7.

tantony · ‎02-24-2019

I’m using a MX84. I can ping the dns server by its ip but not by its dns name. For example, I can ping 172.16.0.25, which is the dns server. It’s bostame is scaserv1, but I can’t ping it. Any my idea why?

tantony · ‎02-01-2019

Does Meraki have any long range APs? I need something that can provide coverage up to 3 miles. Something like this. https://www.amazon.com/EnGenius-directional-long-range-N-ENH500-KIT/dp/B007ZDC64I/ref=sr_1_1_sspa?s=electronics&ie=UTF8&qid=1549040351&sr=1-1-spons&keywords=engenius+5ghz+wireless+outdoor+ap%2Fclient+bridge%2Fcpe&psc=1 I didn't really see anything on Meraki website. https://meraki.cisco.com/products/wireless#models

tantony · ‎01-29-2019

Figure it out. The subnet and gw on the cameras were not set correctly. I was using the WiFi and LAN connection, that's why I could access it, and the other laptop couldn't. Everything works now.

tantony · ‎01-29-2019

I didn't have the chance to try packet capture yet, but I noticed that when I do a tracert to 172.16.63.205, it goes directly to that IP, so I only have one hop. But, the other laptop goes to 192.168.2.1 (which is a cisco 2900 router), but then it drops. Both laptops are on the 172.17.0.x ip address. I have the Cisco 2900 router connected to MX because I'm on a trial Meraki.

tantony · ‎01-29-2019

ok, I'll try that. It's weird, I can ping 172.16.63.217 (foscam camera), but not 172.16.63.205 (AXIS camera)

tantony · ‎01-29-2019

Yes, the laptop is the initiator of the ping yes I'm trying to ping 172.16.63.205, which is an AXIS camera. I can ping it from my laptop, but not from another laptop on the same network. Both laptops can ping other cameras, so I'm not sure if it's an issue with the AXIS camera. I didn't try packet capture yet. I need to check on this also.

tantony · ‎01-29-2019

Yes, same public IP on both WAN?

tantony · ‎01-29-2019

Can I have the same public IP assigned to the two WAN (internet) ports on MX68? I know the best way is to add a second internet connection for back up, but just wondering. Sorry for the misleading topic subject, I'm not sure how to edit it.

tantony · ‎01-29-2019

both machines are on the same VLAN (1) I'm sure it's the firewall because when I connect my laptop to the same switch, I have no issue, so it have to be laptop specific.

tantony · ‎01-29-2019

It's not the firewall, our firewall is managed by Symantec on both devices. Did not try the GP. I'll try that.

tantony · ‎01-29-2019

I have two laptops connected to a switch, which is connected to my MX. The MX is giving out the correct dhcp to both laptops. My problem is that one laptop can ping devices on the network, while the other laptop cannot ping the device. What could be the reason?

tantony · ‎01-28-2019

Never mind. They replaced our Comcast modem while I was on vacation.

tantony · ‎01-28-2019

I often get an email saying from Meraki saying that the "The security appliance in the network has become unreachable from the Meraki cloud", but when I look at the event log of the MX, I don't see anything. What could be causing this?

tantony · ‎01-07-2019

I have a certificate. I remember creating one for connecting AD to MX. I’ll look at LDAP.

tantony · ‎01-07-2019

I'm sorry, how would I check that? Sounds like I didn't do that.

tantony · ‎01-07-2019

I made the changes, changed the ike to "password", but when I connect using AD authentication, I'm getting. "The remote connection was denied because the user name and password combination you provided is not recognized, or the selection authentication protocol is not permitted on the remote access server" I tried to login with the username and using domain name\username I also tried to VPN with "Dial in" enabled in Active Directory for my account.

tantony · ‎01-06-2019

Thanks. I see the first 10 accounts are free. I’ll try that.

tantony

Community Record

Badges

Re: RADIUS vs AD authentication for Client VPN

RADIUS vs AD authentication for Client VPN

Re: Meraki dns issue

Re: Client VPN and user permissions

Re: Client VPN and user permissions

Client VPN and user permissions

MX84 think it lost connection to Meraki cloud

Re: Meraki dns issue

Meraki dns issue

Meraki long range AP

Re: Can't ping a device on the network

Re: Can't ping a device on the network

Re: Can't ping a device on the network

Re: Can't ping a device on the network

Re: WLAN question

WLAN question

Re: Can't ping a device on the network

Re: Can't ping a device on the network

Can't ping a device on the network

Re: MX unreachable from the Meraki cloud

MX unreachable from the Meraki cloud

Re: Meraki VPN

Re: Meraki VPN

Re: Meraki VPN

Re: Meraki VPN

Re: Can't ping a subnet from VPN

Re: Meraki MX and UniFi AP

Re: Does Meraki MX need connection to the Meraki cloud / Internet?

Re: Can't ping a device on the network

Re: Photo Contest: Be featured in the Cisco Meraki Quarterly!

Re: Odd WAN behavior

Re: Welcome! Please introduce yourself.

Your hobbies

Re: MX device local status page