Try running a continuous ping and see if that keeps it up. If not then try a small data stream or bigger packet sizes. That will be the easiest, but next I would rule out the carrier and try a prepaid or data only sim from T-Mobile or AT&T. If that still has issues possibly try a different USB modem.   https://documentation.meraki.com/MX/Cellular/3G_-_4G_Cellular_Failover   There is a list of supported USB modems. Most people are going to tell you to run a cellular device/modem that has e ethernet handoff that you can plug into a WAN port on the MX.   I have run this modem on T-Mobile on MX64,65, and 67, which are all NA models and is practically plug-n-play   https://www.amazon.com/gp/product/B01M0JY15V/ref=ppx_yo_dt_b_asin_title_o04_s00?ie=UTF8&psc=1 ... View more

https://meraki.cisco.com/lib/pdf/meraki_datasheet_mx.pdf   Per this doc the MX65 does not support 802.1x. You need the wireless model of 65 or 68 (MX65W, MX68W, or MX68CW) ... View more

is this Channel 5 or 5Ghz? ... View more

Has the latency climbed again? ... View more

Are you using webhook or python, or something else? ... View more

My guess is that the switch boots faster than the server which I am assuming is the DNS server, when the switch boots it can't reach the server. After the next reboot it can since the server is probably fully booted.   You probably should have some UPS on the server and switch to help with this if you don't already. ... View more

If this is only 2 clients then possibly use a Client VPN, then you can give them a full tunnel to location A and also you could leave the connection to always on. ... View more

@PhilipDAth Nice job! I didn't get mine submitted, but we had very similar topology. Kind of interested why you left 8 MR55 at the branch office with 50 users. I had relocated the webserver to HQ along with the MR55 to be connected to the mGig switches and replaced the 8 at Branch 1 with 10 MR42.   Also interested in the unused MX84, couldn't it be swapped with the MX67W and then have the MX67W be a cold spare. Then move some MR18 over there for better wireless coverage/bandwidth? ... View more

Very interested to see what the deal is with this. I have this on my list to convert scripts/webhooks. ... View more

URL blocking   Whenever a client fetches a web page on this network, the requested URL is checked against the lists configured below to determine if the request will be allowed or blocked. Pattern matching follows these steps:  Check if the full requested URL is on either list. e.g., http://www.foo.bar.com/qux/baz/lol?abc=123&true=false Cut off the protocol and leading "www" from the URL, and check if that is on either list: foo.bar.com/qux/baz/lol?abc=123&true=false Cut off any "GET parameters" (everything following a question mark) and check that: foo.bar.com/qux/baz/lol Cut off paths one by one, and check each: foo.bar.com/qux/baz, then foo.bar.com/qux, then foo.bar.com Cut off subdomains one by one and check those: bar.com, and then com Finally, check for the special catch-all wildcard, *, in either list. If any of the above produces a match, then the request will be allowed through if it is in the whitelist and blocked otherwise. (That is, the whitelist takes precedence over the blacklist.) If there is no match, the request is allowed, subject to the category filtering settings above. HTTPS requests can also be blocked. Because the URL in an HTTPS request is encrypted, only the domain checks will be performed (www.foo.bar.com, foo.bar.com, bar.com, com, and the special catch-all *).     So it doesn't sound like it will work, because Whitelist takes precedence. The only other option I can see is traffic shaping.   I am not using this service so I can't test, but I would create a rule limiting facebook.com bandwidth to 20kbps and then another rule with the sub domain with 5Mbps+ bandwidth. ... View more

I didn't notice the combined networks referenced, sounds like API is the best bet then. ... View more

In my experience with Dynamic Public IP from the ISP they don't change all the often. Usually only on a reboot and even then not always does the IP change. Is your provider changing the IP regularly? Is static not an option? ... View more

That seems like very high latency. You might check with the ISP and see if that are seeing the same numbers. Also might try a direct connect without the MX and see if you see that kind of latency.   On the firmware side you can upgrade and you have 14 days to roll back if you want. So if you find that it didn't fix your issues or that it caused more problems then you have some options. ... View more

I believe if this is in the same org then a network template would work.   https://documentation.meraki.com/zGeneral_Administration/Templates_and_Config_Sync/Managing_Multiple_Networks_with_Configuration_Templates#MR_-_Wireless_Network_Templates ... View more

@jdsilva I understand your logic. I guess I was assuming the cable and what not is fine. Provided the cable test works the problem could easily be on the device side (printer) ... View more

Some options to consider:   1) Change the port on the switch from auto negotiate to 100Mbps Full Duplex (or whatever setting seems to give you less errors)   2) Try to force the speed on the printer side, possibly it is set to auto negotiate and it isn't working correctly or something is causing it to renegotiate.  ... View more

Is this on one port only? What type of device is plugged into it? ... View more

I believe the Windows commands for that are below, which usually the machine will need a reboot after they are run.   netsh int ip reset netsh winsock reset ... View more

As far as my experience you can create a VPN to MX devices across different organizations and use a Dynamic IP, you will just have to update it when the VPN goes down, which you could setup alerts on and even update via a script. ... View more

@drgnslyr Looks like 4 more classes came available this morning! ... View more

Check port 9350 on the 4G router and make sure that is open. Also are you able to ping MX to MX? ... View more

If you can filter then by say OS in the dashboard you can select them and mass apply the group policy. How many clients are we talking about? ... View more

Sounds like a good time to give some swag away 🙂 ... View more

Script the VPN profile creation. It isn't worth your time going through all the troubleshooting to find out that some OS change or update caused the issue. Our first step on the desktop if the client VPN isn't working is to run the script and delete the old profile and create a new one with the right settings.   If you read the most recent member spotlight with @Nash she provided a link to GitHub and her script, which would be a good place to start   Learn more about your community peers in our Member Spotlight!    https://github.com/gammacapricorni/happy-meraki-client-vpn   ... View more