I also opened a Case for this and at least the Supporter didn't directly say that it is not supported. Let's see what comes out of this. ... View more

I just tested it, and you are right that it doesn't work. But that is not because of CoA. It just seems that the MX is ignoring the RADIUS attribute for the VLAN. I am not 100% sure, but I think I have done this previously (on older MX versions) and it worked. Best to open a support case. ... View more

The MX doesn't do CoA. But you can still do Authentication and Authorization without.   https://documentation.meraki.com/MX/Access_Control_and_Splash_Page/MX_Access_Policies_(802.1X)   ... View more

You are right about the grace period, you have 30 days left. For the license ... no, it is not valid for a vMX because it is for the ... MX100. That leads to the question why you ordered it if you don't have one? By mistake? If the licenses is new, you can let it refund.   About applying the licenses ... I wonder why you got three licenses. To extend the license duration of the organisation, you need to apply one license with all what is needed in one license. But if you have your dashboard license expired anyhow, you could add the first license with "Renew my Dashboard license" which resets the inventory devices to the device of the first license. After that you add the other licenses with "License more devices" and you are all good.   And for you next renewal interval, come back and ask how to handle all of this before ordering the licenses.   Happy Holidays! ... View more

Nothing that is included in the Meraki solution. And in my opinion, if you need something like this, the best option is to choose an ISP that offers this as a service. ... View more

To add on what is already said: If PPPoE is used on the WAN, the MTU is automatically adjusted for the overhead If you need a different WAN MTU, Support can set this for you. But this reduced MTU is not accounted for when using non-Meraki IPsec VPNs and you will certainly run into problems. ... View more

Well done everyone!  ... View more

Oh yes! That is a big improvement. ... View more

Whatever the idea was, I support it! 😀 ... View more

The most important question is where this ACL is applied. Keep in mind that in the Meraki world, you don't apply an ACL to a switch. You apply the ACL to the switches in the network.   And this line  permit 172.x.x.x 0.0.0.31 could be wrong (at least if you want to act on the RFC1918 range) and perhaps should be  permit 172.x.x.x 0.0.0.15   ... View more

With two gateways, I assume that you also have two dashboard networks. In this case the APs in the different networks will not mesh. The clients in the “middle” will have a bad time as they could change from one network to the other and each time they receive a new DHCP config and sessions will break. ... View more

Oh, never heard of this. Next time I’ll look if I have an offline device. But I am pretty sure that for me, it was something else most of the cases. When I take devices offline I typically move them to a “spare” network. ... View more

Ok, that makes sense. Is it documented somewhere? ... View more

My first idea was that it could somehow relate to the port mapping that is also used in templates: https://documentation.meraki.com/MX/Other_Topics/MX_Cold_Swap_Replacing_an_Existing_MX_with_a_Different_MX#Port_Mapping_for_different_MX_models But no, does not align here at all ...  ... View more

Updates are always done on a network and not on the individual APs. So there is no way to update the single device. You can install the ne APs anytime you want. As long as they are supported by the running firmware for the network, they should install that version and directly work. ... View more

This happens also to me from time to time. Some times I just have to wait a little bit, but sometimes I needed to upgrade to a different version and from there to the intended version. I have no idea what is really causing this. ... View more

This is not a valid test as you are only blocking the echo-replies when initiated from the peer side.  I would consider this firewalling working if I can block an SQL-Slammer (which was only one UDP packet without any return packet) from my Non-Meraki-peer. ... View more

Perhaps we should all add a wish that FT should be implemented together with CoA. ... View more

Well, someone has ordered these licenses. That is probably the person to approach. At least I don't know a different way. ... View more

You will receive a “Your Meraki order has shipped” e-mail which includes devices and licenses in this order. ... View more

You will not lose the config of the existing switch. But adding a member to a stack (or especially building a stack) is better done with the switches being switched off and not doing it online. ... View more

Nowadays it is quite unlikely that you'll find a relevant client that doesn't support these channels. But if you need to have legacy clients. it definitely could be. The first Apple Retina iPad2 is one of the devices that I remember not to have UNII-3 support. ... View more