Correct, the option in the switch settings page counts for every switch unless overridden. So you could have omitted it from the switches if you had set in in switch settings. ... View more

Or you can set the management VLAN on the uplink of each switch individually or you can set it there like on your screenshot. It's the VLAN your switch uses to reach the cloud. ... View more

Have you tried another channel? There could be non-wifi interference with a high duty cycle. In case of high usage due to someone overusing it, then just put a per client bw limit. ... View more

Yep I find this annoying if you have a customer with a multitude of sites (not small sites where you can use templates) and they want the same SSID's in every site... ... View more

Both, MR32 and MR34 use VHT as modulation so you should not have a problem mixing them.  Just make sure the AP's have access to the same L2 VLANs. MU-MIMO can only be used if your clients send large frames and if they are far apart.  If you have mostly voice packets or small data then MU-MIMO doesn't help at all. ... View more

Well, if you're able to use 40 MHz if the channel plan allows for it. Then you will have the advantage of using it because even though you cap the througput of every client to 25 Mbps, they will need less time on the air to actually transmit that 25Mbps of traffic.  Because if 40MHz is possible, the potential datarate per device can go up and you could potentially have more efficient use of the airtime. However if the channel plan doesn't allow it because you get co-channel interference from a distant AP on the same channel and then you need to fall back to 20 MHz. This is one of the main reasons to keep your celsizes on the small side and avoid putting AP's in corridors. ... View more

The most important fact has not been checked. Since you're using 1AP per classroom you should survey those areas around that classroom and above and below to see how far that signal actually bleeds even at lowest transmit powers. Keep in mind that although people use -67 dBm as a celborder definition, the signal can cause signal detect at 4 dB above noise floor.  That means if your noise floor is -92 at your area your AP and connected clients can still be heard at -88 dBm from neighboring AP's causing deferred transmissions. So when determining your channel plan, see how far the signal goes down to -86 or -88 depending on noise and that is your actual border wherein you cannot reuse that channel.  So if you still  have room for enough channels, then go with 40MHz, but if you don't have enough channels, move down to 20MHz.  Also consider changing your RX-SOP thresholds.  And of course use high mandatory datarates like 24Mbps minimum to avoid overhead. ... View more

The AP will still be sending it's survey SSID with the MAC address in it. Just connect to it using a laptop and browse to http://10.128.128.128. Login using it's serial or local login if you have set any and then just put site survey mode on disable. ... View more

The L2 topo also shows some weird behavior on the MX'es going to the internet since a few months. ... View more

If all critical devices in your org support 5GHz and your coverage meets the requirement on 5GHz, then go for it! ... View more

Is your client showing up as authenticated int the guest logins section? ... View more

Yeah, the co-termination has it's ups and downs.   For instance removing a device and license from an org does not return it's value to the license co-termination pool. Renewals have to have all devices in it or it removes other devices.. very strange way of working.   I'd rather have the individual licenses per device so you can retire a device by not renewing it but renewing other stuff. ... View more

If you'd have 4 fibers you could cross connect them for full redundancy but in this case it's just from the  stack of 225's each one cable to a 220. ... View more

If you want to keep management inline you'll have to use 10.0.0.1 IP as local IP on the switch and use 10.0.0.2 as default gw. Do mind if you have a switch stack you'll need to have a big enough subnet to support all stackmembers and the SVI of the stack. I never used an out of band solution for this since it gave me some headaches keeping the routing separate from the management. ... View more

Still, for some administrative work you can have problems with licenses of individual devices being ended. You can only see when you added a certain device license for a certain period.   We had a case once where an org merged and wanted to move devices from their org, to the main org so they could use autoVPN instead of non-Meraki VPN.   The co-termination was still 3 years in the future but their core switches had expired licenses, so when moving the devices to the other org, the switches were no longer covered because their license could not be transferred, even not from support.   So the customer had to buy new licenses for those switches. ... View more

@PhilipDAthI do believe if you have a higher license limit than actual devices in your network you're losing co-termination time because you spread your licenses of devices you don't have. And the dangerous thing with license renewals is that you have make sure ALL your devices are in that one license renewal key or you lose those devices. ... View more

The problem I have with split networks is that you can't click through on a client with problems from the MX to the switch or AP.  So troubleshooting becomes a thing where you're going back and forth between networks. There is however the big problem with combined networks and a L3 switch that you can have duplicate traffic types from ghost clients because in combined networks you can only use track clients by MAC address. ... View more

Then please share how you set up your test and what TCP/UDP port you explicitly allowed outbound in a group policy that didn't allow return traffic. ... View more

Are you kidding me? I hope this is not the case because that would be plain silly. Applying a group policy that has L3 rules only enforces rules at the MX or MR depending what is closest to you, and those devices do it stateful, so why do you think it would be stateless, that makes absolutely no sense and that would break alot of designs. ... View more

Oh the 9120 is fresh off the shelf then. Indeed in that datasheet there is mention of both DL AND UL-OFDMA ... View more

I do regular make a wish but it feels like a black hole button since no real feedback is given. By posting it here I just want to get fellow engineers like yourself also think about these features and also submit make a wishes so it get's noticed more 🙂 ... View more

Sorry, I'm used more to have MX84 appliances and the WAN's are numbered 1 and 2 instead of 4 and Internet (5). Just wanted to make my point that a packet capture on the dashboard always shows the correct MAC. Yes I did read the post wrong, I thought he meant the outgoing interface of the appliance, not the MAC's on the segments in front of the MX, sorry again 😉 ... View more

@NolanHerringI just checked the Cisco C9100 AP's and they also only support downlink OFDMA. So it could be that the standard is not 100% set on doing scheduled vs unscheduled UL-OFDMA transmissions or like the Meraki document states that in most use-cases, especially in high density the traffic is by far the biggest in the downstream direction. ... View more

If the LAN subnets exist in front of the MX then a one-armed concentrator is probably what you are looking for. ... View more

To quickly know of the WAN interface try sending traffic through it and at the same time execute a capture using dashboard on the internet (WAN1 or 2 depending on where you send it).  Just use the display you don't even need to use the pcap file option and you can see the mac address your mx uses.   In normal circumstances  without using VLANs on your WAN, the MAC address on WAN1 is always 1 higher than the system MAC and WAN2 is 2 higher. If using warm spare there is a virtual mac being used but the last part also related to the system mac part. ... View more