About PhilipDAth

PhilipDAth

What about mounting the MV12 to some plywood, and mounting the plywood to the steel beam?

PhilipDAth

I think you'll need to try manually installing the software on one of the machines so you can watch and see why it is failing.

PhilipDAth

You can push out the msi, and the features that only require the agent to work (which is most of them) will kick in. Some features require the MDM Windows 10 profile to work. Not sure how you go about turning that on remotely.

PhilipDAth

> The Duo application setup requires the Meraki Consumer URL to be configured for the application. This is not a Duo "thing" but a Meraki "thing". It is the same for all Idps. It is not correct that it only gives access to one org. It gives access to all orgs via the MSP portal for which SAML authentication has been configured. Check out this section on configuring the Idp for MSPs. https://documentation.meraki.com/General_Administration/Managing_Dashboard_Access/Configuring_SAML_Single_Sign-on_for_Dashboard#SAML_SSO_for_MSPs

PhilipDAth

If it is a small location - do you need to use dual MXs? What about using a small MX with the PPPoE going straight into it?

PhilipDAth

https://documentation.meraki.com/MS/Access_Control/SecureConnect https://www.youtube.com/watch?v=OGWIiGpGaWs

PhilipDAth

It's an ISO 8601 timestamp.

PhilipDAth

If you unplug the MR and plug the notebook into the same switch port, can you browse web sites?

PhilipDAth

> Ah ok, so do you mean the phone itself uses DSCP? Yes, that is how it is usually done.

PhilipDAth

Create a second "test" Systems Manager network, and move your machine into that network.

PhilipDAth

> Now I can make a wish and have them support face-id You effectively can. The dashboard supports SAML. You would just need to provide a SAML Idp that supports authentication using face-id.

PhilipDAth

You should use a flow preference to specify the uplink you would like to use for the VoIP traffic. https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferences#Flow_Preferences Typically VoIP kit sets the DSCP values. You shouldn't be needing to overwrite anything. If this is the case, you should be able to use the default traffic shaping rules. Note that most ISPs ignore any DSCP values that you set.

PhilipDAth

If you only need to get to the management interface on the ISR, only add the second default route. ip route 192.168.102.0 255.255.255.0 10.10.10.254 You would make this much simpler if the ISR used a single interface, or you only attached the MX to one of the interfaces connected to the ISR.

PhilipDAth

@MichelRueger , to get features promoted in the Meraki world you need to include use cases. What would be the use case for faster reporting?

PhilipDAth

Where using the co-termination model, so there is only one date ... I'm guessing you are using per-device?

PhilipDAth

> We have been doing packet captures left & right. Ping traffic shows responses but when we try to load the Citrix website we aren't getting responses back. If you aren't getting the traffic back, then they are not sending it ...

PhilipDAth

This is the datasheet for cloud archive. https://meraki.cisco.com/product-collateral/mv-cloud-archive-datasheet/?file It says you need a minimum of 1Mb/s of bandwidth per camera. I can't remember. I expect this will be related to the recording quality you select. I'm thinking 1Mb/s would be for one of the lower quality settings. I have almost half a dozen customers who have put in their Starlink orders (in New Zealand) now. The sooner you sign up the sooner you'll get it ... What about using motion alerts with a schedule? Have the cameras email movement to an email address when no one should be on-site? Then you are only exporting stills, and only when there is movement. The bandwidth requirements would be significantly less. We use this approach in our office for security purposes.

PhilipDAth

I've seen a bank block access to those with old unsupported OSs as well.

PhilipDAth

Thinking sideways; banks in my part of the world sometimes block you from logging in if you have old browser versions. Is their software right up to date? Tried a different browser?

PhilipDAth

If you use an MX68 connected to a pair of MG21s, and let it load balance across them, you would probably only need a pair of 600GB plans. Have you considered using Starlink? Their plans include unlimited data ... Perhaps you could use both 4G and Starlink to try and cover your bases.

PhilipDAth

Do you *really* need to use cloud archive? Also, you are going to need a 4G connection that can sustain 4Mb/s up, 24x7. I would not be confident of getting that. And then if you actually look at any of the cameras, that is going to use even more bandwidth.

PhilipDAth

You don't mention which country you are in - but this feature only works in a small number of countries. Because you are completely dependent on the third party SMS provider, the transit between them and your provider, and then your provider for it to work - I'd personally dump the approach and use an "authenticator" app. Much more reliable. https://documentation.meraki.com/General_Administration/Other_Topics/Two-Factor_Authentication#Using_Google_Authenticator_for_Two-factor_Authentication_in_Dashboard

PhilipDAth

Wouldn't you just use an RMM for that?

PhilipDAth

@Greenberet has excellent developer skills and is a great asset with the API questions.

PhilipDAth

How does SMTP get to the server at the moment? IP address or port NATed through to it? If so, use the same approach and NAT tcp/443 through to it. Otherwise, you could deploy a reverse proxy. I like using HAProxy, but you can use whatever is your favourite. None of this has much to do with Systems Manager ...

PhilipDAth

Community Record

Badges