If you are able to reliably reproduce it, perhaps it would be a good idea to open a case, and demonstrate it to Meraki Support? ... View more

Likely it's not possible to stop the Mac Flappinng events.   The Mac addresses that seem to be flapping, what do they belong to? Wireless Clients? If so, bad luck. It's most likely due to clients roaming between Access Points, faster than the entry in the mac address table expiring. ... View more

If it says -B on the back it’s in Catalyst mode.   You can migrates it to Meraki mode, but you’ll need to have Meraki Support to initiate the migration. So you’ll need to log a case with Support. ... View more

Have a look at the packinglist.  If it says CW9164I-M it’s the Meraki SKU, and thus it’ll be in Meraki Mode. if not, it is in Catalyst mode. You should also be able to see it on the label, on the backside of the AP.   Based on your CLI output, I’d assume it’s in Catalyst mode. ... View more

About time. 😉 ... View more

While it's a C9300 Cisco switch, and the supported SFP matrix from Cisco, says yes, I'd still rely on what the Meraki Datasheet says. This is to ensure support from Meraki, just in case.   The C9300X-24Y-M datasheet says that it supports 10G twinax. https://documentation.meraki.com/MS/MS_Overview_and_Specifications/Catalyst_9300X-M_Datasheet   If possible, I'd go with the Meraki SKU, so ensure compatibility and support.   ... View more

Then you’ll need to upgrade to MR31.x in order to use WPA3 Enterprise Transition. ... View more

What firmware version are you running? If I remember correctly, you need MR31.x to get WPA3 Transition.   ... View more

Go to Wireless -> Monitor -> Health. Click on the tap Connection log. Filter for the last 12 hours and filter for the specific client.   At the time where the client is failing when connected, what does it say?   Also what errors do you see in the logs on your Radius server?   8 out of 10, if others are able to authenticate with certificate expect for the one client, it is most likely a certificate error. Either it's expired or there's an error in the certificate. Or the client is being profiled incorrectly on your RADIUS server. ... View more

I think it's more general, when looking across vendors and seeing how fast they are going to market with WiFi7. If i remember correctly, the standard hadn't even been ratified before vendors such as Ubiquity or MiST began annoncing WiFi7 access points. Even before there were any WiFi7 clients.    I recall that Cisco had the stance that they didn't really belive in WiFi7 and were expecting to jump over it. But I'm guessing because everyone else were putting devices on the market, they had to aswell, otherwise they'd be left behind. So it's merely to have a presence, rather than the lack thereof.   I have the BE201 NIC from Intel in a Wlanpi, and eventhough is supports MLO and I have two links when connected to a WiFi7 AP, it's still only using one, because it's a Non-STR(?) device. But then again, I can't say for other 11be NICs. ... View more

You should be able to do so already, without RBAC.   Go to the Switchport that you want your employee to be able to manage and tag it e.g. Facility. Notice the tag Facility in the screen shot.   Then go to Network-wide -> Configure -> General Under port management privileges you can configure the tag to be used for port privileges.   Then on Organization -> Administrators, you can create your employee as an administrator and target the employee to a network and select the tag Faclility.   From then on, your employee should only be able to access ports only assiged Facility tag. Maybe he can view other ports - I can't remember. But he will not be able to edit ports that are not assigned the Facility tag. ... View more

All configuration is located on the Dashboard. If you replace a MX450 on the Meraki Dashboard with another MX450, the new device will have the configuration pushed by the Meraki Dashboard, so it will end up running the same configuration as the old device.   If you switch over to the spare, power down the old primary and replace it with the new primary, as well as replace it on the Meraki Dashboard, I would expect it to come online again and begin synchronizing its configuration and upgrade to the current running firmware.   Once that's done, I'd expect you to simply just beable to fall back to the primary again, unless it does so premptively. ... View more

Well... Based on what I'm hearing and looking at how vendors are integrating WiFi7, I think WiFi7 looks more like the next iteration of AC Wave 1. Basically just getting the standard supported by using off-the-shelf technology, without putting real development into it.   The way Cisco supported AC Wave 1 was to use the Qualcom chipset, before introducing their own innovation with AC wave 2. ... View more

What mode is the MX100 in?   You could simply bypass your MS390, and just create vlan2 on the ports, and create the vlan 2 SVI on the MX, incase it's in Routed Mode. ... View more

Good luck with the song and dance with Management. 🙂 ... View more

While it serves many of the same purposes, it's not a replacement of ISE.   From the Slideware I've seen it opens for more integration directly with EntraID in combination with differet EAP methods. ... View more

If you go to Wireless -> Configure -> Firewall & Traffic Shaping, and select the SSID from the dropdown, on Outbound rules, is the SSID allowed Local LAN access? Is it set to Allow or Deny? ... View more

I don't think the 9172i is going to be mainstream yet, either. Like you say, people are still trying to catchup to WiFi6 and 6E.   The 9172H however, is really interesting! Finally, a replacement for MR36H which is newer and modern. ... View more

I have yet to try it, so I don't have anything to share on how it takes.   However, I imagine that if you open a case with Meraki Support, and call in, I'd expect it to be fairly quick. ... View more

Start by changing the allow list to something less than 1000 vlans in total, e.g. VLANs 1-200. Save the config. Then edit the ports again, and then add the VLANs to the list that you need. ... View more

Besides the one that Philip mentions, there's also two more free courses at the moment, which gives CE points.   DEVNAE, Network Automation, which gives 16 CE points - https://u.cisco.com/paths/3 DCAIE, AI on Cisco, which gives 34 CE points - https://u.cisco.com/paths/288 ... View more

Bridge mode, or configure your ISP router to open or forward 2223 to your MX. ... View more

For good measure, could you try and replace your external IP on the Forwarding rule with "Any"? Allow the MX to update it's config, and then try to SSH to port 2223, then.   Also, you mention that the MX has a Public IP on it's WAN. Is that also what you see when browsing to Appliance Status and clicking on the Uplink tab? ... View more