Hey gang - my company ordered a VPLS circuit a while back and two of our site's circuits are completed and ready for us to connect to our network. The challenge is that I can't find any information about how to configure VPLS from a customer perspective - everything I find is related to service provider edge and within the service provider network configuration. I can't find anything from our (end-user, if you will) perspective.    I called tech support for our VPLS provider and that was zero help - they basically told us to hire a consultant. I myself do not have any experience configuring MPLS or VPLS, both technologies have not crossed paths with me during my career, but I don't want to look like a total incompetent who is unable to get this circuit working.    So, can anyone point me to a Meraki configuration guide or document that could help me bring this circuit to an up/up state?   It is my understanding that VPLS is a layer 2 technology, so, from the demarc device I would assume that I would connect from the user (hand-off) port to a switchport on one of my MDF switches.   Is this assumption correct?   If so, is there any configuration required on the switchport, considering that VPLS is MAC based and learns the network paths via MAC addresses, if I am understanding that correctly. (I do know that if I plug a Cat 6 cable into the demarc device and one of my switches the connection comes up, but what's required behind the scenes remains a mystery...)   Are IP addresses required? If so, I'm going to assume I need to tie the MX into this configuration. (But, if it's a layer 2 technology, why are IP addresses required?)   All this new-fangled technology... I'm hoping that someone will have the Magic VPLS Configuration Guide out there, or some great advice to help an old guy out. I sure would appreciate it.    Thanks!!   Twitch       ... View more

Hello to the Crew - I have a question regarding implementing VPLS with Meraki devices. I have very limited knowledge of VPLS, and materials seem to be sparse, though I am finding some on the Cisco sites, but articles specific to Meraki implementation are few and far between.   We are transitioning our connectivity between remote sites to VPLS in the very near future. Our current environment runs an MX at each site along with MS switches. My understanding is VPLS is a layer 2 technology that utilizes MAC address translation to determine network paths, basically a layer 2 WAN if I am understanding it correctly.    What typically is done Meraki-wise to configure the VPLS interface? Is there any specific configuration, port settings, etc., that are required? I do not yet have specifics from our VPLS service provider. I'm just trying to get ahead of the curve, so to speak.    If anyone has info, or links to material, I would be grateful.    Thanks!   Twitch ... View more

Hello to the crew. I was wondering if anyone can offer a recommendation for a plug to use in empty SFP ports to keep steel dust out of them? I work for a structural steel fabricator and our switches in the shop live a rough life despite our efforts to the contrary. I would like to close the empty fiber ports to protect them from the elements. The pic below shows how the steel dust builds-up around the ports, and it infiltrates every nook and cranny of every piece of technology we use in the shop. Sometimes I feel like this is the place where technology comes to die - it's just not tech-friendly. Even the racks with fans and filters are not able to keep the dust out of the switches.    Any suggestions? I don't suppose there is an official Meraki plug available that is the exact dimensions?    Thanks!    Twitch     ... View more

Morning everyone. I have a question for the crew:   We are currently fighting a CryptoMining malware attack on one of our servers. In the process of fighting it and adding rules to the firewall to block IPs/ports, I noticed that on the Threat Protection page there is a series of Whitelisted Rules under Intrusion Detection and Prevention. I did not configure this MX, but I am responsible for it now due to a former co-worker's termination.    I am trying to determine why these rules are whitelisted and what that means in terms of analyzing traffic. To me, when an item is whitelisted, that generally means it is allowed to come through, but based on the names of these rules, it appears that the traffic should be blocked instead. Here are some rule names:   - Exploit-Kit Magnitude exploit kit embedded redirection attempt - Server-Webapp DrayTek Multiple command injection attempt - Server-Webapp Zeroshell Linux Router command injection attempt   Will traffic related to these whitelisted rules bypass security, or do these rules serve some other purpose? The documentation I read didn't really provide much of an explanation of behavior.    Should I leave this rules, or delete them? My concern is they were added by two former employees who are no longer with the company.    Thanks for any help you can offer.    Twitch    ... View more

Hello all - I am continuously getting email notifications "There was a VPN connectivity change..." in our MX100. These emails indicate that the connected went down, followed by another email usually less than a minute later saying that the connection has come back up.    When this happens, I do not get any reports from remote users that they are being kicked-off or losing connectivity. From their perspective the VPNs appear to be stable.  I noticed in the Dashboard that I can turn these alerts on or off, but I cannot adjust the threshold for reporting that a VPN connection has gone down. I would like to continue receiving these alerts in case a connection actually does stop working, but at this point it's almost like the Boy Who Cried Wolf. Between 12:48 AM and 12:43 PM today I have received 32 separate emails reporting a VPN "problem."   Has anyone else experienced this? If so, were you able to find a resolution?   Could it possibly be a configuration issue with the VPNs?   Is there a way to adjust the reporting threshold?   I realize that it could also possibly be an issue with our WAN service providers as well between our corporate office and the remote sites.    Thanks much!   Jim     ... View more

I'm curious - has anyone actually been able to attend the ECMS2 training? I have never heard a single reply to my multitude of requests for a seat since the training was announced.   While the course is free I have a much better chance of justifying the trip to my company. Once Cisco puts the typical $2,000+ price tag on the course my opportunity to attend disappears like a fart in the wind.    I have even had our sales rep who sold us our shiny new Meraki infrastructure get in-touch with his contacts at Meraki, and still nothing but crickets.    Does the training actually exist, or is it a unicorn at this point, only available to a privileged lucky few?   Thanks!   Twitch  ... View more