Meraki

PhilipDAth

Anything configured under Wireless traffic shaping?

PhilipDAth

With modern firmware: * tcp/443 (HTTPS) is used for all cloud communications * tcp/80 (HTTP) is needed for retrieving CRLs for checking certificates * udp/123 (NTP) is needed for time synchronisation - although I think most devices now synchronise over the 443 tunnel. I don't think 7734, 7351, and 7752 are really needed anymore, but they are used for backup comms in case something goes wrong. Not having those may limit the ability of the network to repair should an adverse event happen.

PhilipDAth

The syslog messages are sent directly by the device. If you do a packet capture on the edge do you see udp/514 traffic?

PhilipDAth

I don't see any action to create an array? >just put your string variable in square brackets. Once I select a variable, it won't let me edit the field anymore to add brackets. I can't see any actions like "Compose with JSON". I ended up creating a one-line "Create With Python" script action like: output = ["variable"] It kinda seems wrong to drop back to coding when everything else is GUI point and click based.

PhilipDAth

Part of my workflow involves claiming an MX into a network. I create a list of all suitable MX in inventory, and let the user choose one using "Create Prompt". At this point, I now have a string which is the serial number of the MX I want to add to the network. I would now like to use the atomic "Meraki - Claim Network Devices". However, it requires an *array* of strings. I can't figure out how to add a string to an array, or how to convert a string to an array. I've tried creating a local variable which is an array of strings - but I can't find any operations that let me append to that array. Help!

PhilipDAth

If you visit the below URL - are you attached to that AP? http://my.meraki.com/ Check out "Wireless Health": https://documentation.meraki.com/Platform_Management/Dashboard_Administration/Operate_and_Maintain/Monitoring_and_Reporting/Meraki_Health_Overview Also, click the client in the dashboard and review the roaming events. Is the client making any bad decisions?

PhilipDAth

Try enabling these two settings: You want the system to avoid changing the channels while they are in use, as it requires clients to be good enough to roam, otherwise they'll get cut off. https://documentation.meraki.com/Wireless/Operate_and_Maintain/User_Guides/Radio_Settings/AI_-_RRM#AI_Channel_Planning

PhilipDAth

What is the purpose of the three different SSIDs? Could you use a single/24 across everything (to keep life simple) and use wireless firewall rules to control access to various systems? https://documentation.meraki.com/Wireless/Operate_and_Maintain/How_Tos/Firewall_and_Traffic_Shaping/MR_Firewall_Rules Is using NAT mode for one of the SSIDs to hide its addressing an option (especially if one of the SSIDs is just for guest access)? https://documentation.meraki.com/Wireless/Design_and_Configure/Configuration_Guides/Client_Addressing_and_Bridging/NAT_Mode_with_Meraki_DHCP

PhilipDAth

This is the way.

PhilipDAth

If you do a "plain old Internet speed test" at each site, are you seeing the expected Internet throughput?

PhilipDAth

Are there any funny speed limits configured here?

PhilipDAth

Is SMB bandwidth throttling enabled? You should be able to check this from PowerShell with: Get-SmbClientConfiguration | Fl EnableBandwidthThrottling If it is, you can try turning it off with: Set-SmbClientConfiguration -EnableBandwidthThrottling 0

PhilipDAth

Have you tried my hack of disabling the performance cookies? https://community.meraki.com/t5/Dashboard-Administration/Sluggish-Dashboard-View-Failed-to-Load/m-p/282232/highlight/true#M11203

PhilipDAth

Are you wanting to prevent wireless clients talking to LAN clients, or prevent wireless clients talking to each other, or some other kind of isolation?

PhilipDAth

On both the server and the workstations, enable TCP timestamping (helps a lot with asymmetric performance issues). netsh int tcp set global timestamps=enable

PhilipDAth

Are you running a current stable or better firmware? Do your hubs have the public IP addresses directly on their WAN interfaces, or are they running through NAT?

PhilipDAth

!!! Painful. Have you got an intern that can do a lot of mouse clicking for you?

PhilipDAth

Good thinking, but won't help for MX swapouts unfortunately. 😞

PhilipDAth

I decided to try using the new Automation feature for a real job, rather than Python. I have a customer wanting to swap out around 100 MX65s for MX67s (all networks are in a template). I need the Meraki admin to select the current Meraki network and the new MX67 (in the GUI), have the system copy the device name and physical site address, remove the MX65 from the network, add the new MX67 to the network, and restore the device name and physical site address. The thinking is that this automation will be retained and used for all future MX swapouts (such as for RMAs). It's a steep learning curve. I hope I get faster as I use it more. I feel like I am wading through mud. How has others' experience been?

PhilipDAth

Do you by chance have any APs in your inventory that are not in a network (because all of the APs were claimed at the same time)? If so, try adding them all to a dummy network, wait 30 minutes, and see if any of them light up. If a couple come online, use the "Blink LEDS" feature to narrow down which one it is.

PhilipDAth

If you connect to the local status page, what does it say the problem is? https://documentation.meraki.com/Platform_Management/Dashboard_Administration/Troubleshooting_and_Support/Troubleshooting/Using_the_Cisco_Meraki_Device_Local_Status_Page/Cisco_Meraki_Local_Status_Page%3A_MS_Switches

PhilipDAth

Do you have a policy permitting the group of machines to have access?

PhilipDAth

The documentation people are the unsung heroes of IT.

PhilipDAth

Does this option not work?

PhilipDAth

Are you, yourself, accessing the Meraki Dashboard, connecting via an MS120, MS125 or MS130 running 17.2.x?

About PhilipDAth

PhilipDAth

Philip D'Ath

Community Record

Badges