@rarodrigo by trunk port do you mean the uplink?  Typically this port will show up in the dashboard with an up arrow.  ... View more

@DunJer622 can you include a screenshot?  WAN Static IPs can be configured from the local status page.    ... View more

If you want to be able to get to its local status page remotely then you need to go to Security Appliance>Firewall and add your IP to the 'Web (local status & configuration)' section.  Also go to Network Wide>General and check the 'Remote device status pages' setting and make sure it is set to 'Remote devices status pages enabled.'  ... View more

In our workshops, open with high ceilings but a lot of metal etc... we place them about 75' apart.  We typically mount them around 15' off the ground facing down depending on what options there are from the ceiling.   ... View more

If the traffic is NAT'd to your SMTP server couldn't you do the monitoring on that server? Alternatively you could mirror the port going to/from your mail server to whatever monitoring platform you wanted to use.   ... View more

By AD Authentication do you mean 802.1x Radius?  If so then it does look like you could have that selected for Network Access section and the spash 'Click-Through' is served by the Meraki servers so no certificate needed.   ... View more

You can't 1:1 NAT anything that needs connectivity to the provider address space? ... View more

@Dash you can create the same vlan/subnet at each site as long as it isn't part of the VPN tunnel so you don't get routing issues between sites.  Regarding point 3, I haven't found a way to accomplish that.  I contacted Meraki support and they didn't have a solution so I just made two public vlans.  Secure public and regular public.  The secure public is the public only subnet/vlan where I'd failover my 802.1x devices and devices that would otherwise be secure.  The regular public subnet is for devices that are not otherwise secure and just need internet.  Crude solution but I haven't come up with a better one in the meantime.  @PhilipDAth any ideas for this? ... View more

Will each MX have its own internet connection?  If so then you could safely use the same subnet on all of the MX's and just have it route out the internet.  A few things to keep in mind. 1.  If your MXs are VPN'd together then make sure to not include the guest subnets in the VPN 2.  If you make a guest vlan/subnet on the MX it will automatically be routable to/from your production network so you'll need to go to Security Appliance>Firewall to create a rule to prevent the guest vlan/subnet from being able to talk to your other vlan/subnets.  3.  Any device on the guest subnet will be able to see/ping any other device on the guest subnet unlike the way the wireless Meraki guest subnet works with segregating each client.  ... View more

In my experience the throughput has always just been the down speed.  No indication of upload speed.  But I stopped using that test in lieu of running http://www.speedtest.net/ from a client machine since I typically need to know the circuits upload capabilities as well.  Also if you have two WAN connections that tool doesn't give you the ability to select which one you want to test the throughput on.  So it'll likely just use whichever you have specified as the primary uplink.     The last section in the article @PhilipDAth linked above provides some interesting clarification. https://documentation.meraki.com/zGeneral_Administration/Tools_and_Troubleshooting/Throughput_test_to_the_Web_from_Cisco_Meraki_devices#Comparing_to_Similar_Throughput_Tests ... View more

I've learned a lot in this thread.  Mass kudos.  ... View more

The SFP should be a constant.  No configurations needed aside from your port config which you did as trunk. Your jumper is yellow so usually that is an indication that it is single mode not multi mode.  But its most important that the fiber cable (jumper) matches the rest of the fiber run to its destination.  Whether that be single mode or multi mode.  Did the fiber work before on the old Cisco switch or is this a new configuration you are working on? ... View more

I agree with @Markus comment.  The NPS config on each server will be important to review.  There are a lot of moving parts to make sure NPS is configured properly on both the server and also on the clients (GPO).  Shared secret, Policy Conditions/Constraints, etc... ... View more

If I run that same test from the Meraki dashboard it fails but my radius is working fine with NPS.  I think I called Meraki about that a long time ago but I can't remember what they said about the reliability of that test.  So you may want to try connecting an actual client to your SSID to test.  ... View more

In my experience it was usually an issue with me not understanding the fiber and getting the wrong jumper.  Single mode vs multi mode etc or having the pair flipped on one side or the other.   ... View more

I see you marked the thread as solved.  Were you able to find a solution or just moving on to support? ... View more

Error would seem to indicate an issue with the CSR.  Are you the copy of the CSR you downloaded from the Meraki dashboard isn't corrupt?  Maybe after you've downloaded the CSR try opening it in notepad.  The content of the file should look something like this with different hash information in the middle.    -----BEGIN CERTIFICATE REQUEST----- MIIByjCCATMCAQAwgYkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh MRYwFAYDVQQHEw1Nb3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgSW5jMR8w HQYDVQQLExZJbmZvcm1hdGlvbiBUZWNobm9sb2d5MRcwFQYDVQQDEw53d3cuZ29v Z2xlLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApZtYJCHJ4VpVXHfV IlstQTlO4qC03hjX+ZkPyvdYd1Q4+qbAeTwXmCUKYHThVRd5aXSqlPzyIBwieMZr WFlRQddZ1IzXAlVRDWwAo60KecqeAXnnUK+5fXoTI/UgWshre8tJ+x/TMHaQKR/J cIWPhqaQhsJuzZbvAdGA80BLxdMCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA4GBAIhl 4PvFq+e7ipARgI5ZM+GZx6mpCz44DTo0JkwfRDf+BtrsaC0q68eTf2XhYOsq4fkH Q0uA0aVog3f5iJxCa3Hp5gxbJQ6zV6kJ0TEsuaaOhEko9sdpCoPOnRBm2i/XRD2D 6iNh8f8z0ShGsFqjDgFHyF3o+lUyj+UC6H1QW7bn -----END CERTIFICATE REQUEST----- ... View more

Glad you were able to get it resolved 🙂 ... View more

Try going to Organization>Administrators to remove them. Looks like you may have been in Network Wide>Users ... View more