Meraki

alemabrahao

Have you tried doing a test by simply disabling one of them?

alemabrahao

You can try it configuring the split tunnel. https://documentation.meraki.com/MX/Client_VPN/Configuring_Split_Tunnel_Client_VPN

alemabrahao

Is it possible to forget the network and try to add it manually? This is a known Windows issue.

alemabrahao

Since you have the service published on the internet and the clients are accessing it via the DNS that is configured on their internet router. The only way I can see is if you "force" the machine to use its internal DNS instead of the DNS that is configured on their router, or if you do not publish the service via the internet if that is a possibility.

alemabrahao

Are you manually configuring the connection on the machines?

alemabrahao

Have you tried in another web browser?

alemabrahao

What error are you getting?

alemabrahao

I think you need to check the Forescout documentation. https://docs.forescout.com/bundle/802-1X-Plugin-Configuration-Guide-4-2/resource/802-1X-Plugin-Configuration-Guide-4-2.pdf

alemabrahao

From MX or MR? Which NAC are you using?

alemabrahao

Why don't you create a rule of 3 blocking the source IPs to the printer's destination IP?

alemabrahao

Take a look at this https://revolutionwifi.blogspot.com/p/ssid-overhead-calculator.html

alemabrahao

In general, the recommendation is a maximum of 30 clients per radio. But it all depends on the type of traffic that you will pass through the APs. The more clients, the greater the traffic and the greater the channel utilization, which can make the user experience poor.

alemabrahao

Can you share the screenshot of what exactly you are trying to change?

alemabrahao

Anyway Meraki Systems Manager does not support Microsoft's Autopilot

alemabrahao

Meraki Systems Manager does not support Microsoft's Autopilot, but it does offer a similar feature for zero-touch configuration called Android Zero-Touch Enrollment. Android Zero-Touch Enrollment - Cisco Meraki Documentation SM - Android Zero Touch now available - The Meraki Community

alemabrahao

I believe it would be a good idea for you to consult your Meraki sales representative.

alemabrahao

You can configured windows machines generating the power shell config with this script. https://ifm.net.nz/cookbooks/meraki-client-vpn.html

alemabrahao

Can you share your code please?

alemabrahao

In this case, there is not much to do other than validate each MX individually. When I use templates, I always use the same MX model and use a standard set of ports to make management easier in these cases. Of course, it is not always possible to follow it exactly, depending on the location, but it helps a lot.

alemabrahao

Basically green means enabled and gray means disabled.

alemabrahao

On Security & SD-WAN > Configure > Addressing & VLANs page.

alemabrahao

The biggest disadvantage is that in NAT mode, client devices will always use the AP's IP to communicate with any resource. If you need to monitor client IPs, use bridge mode.

alemabrahao

In this case it makes sense.

alemabrahao

By the way, I don't know how you are monitoring but Trellix can be a great ally in these cases. https://www.trellix.com/

alemabrahao

I believe they are monitoring incorrectly, regardless of whether the client is on Wi-Fi or wired network, they should be able to identify the source of the alert. I believe they should correct the monitoring.

About alemabrahao

alemabrahao

Alessandro Abrahao

Community Record

Badges