The error indicates that there is a problem with the JSON syntax in the arguments (kwargs) passed to the updateNetworkApplianceFirewallL3FirewallRules command. The specific error is: Expecting property name enclosed in double quotes: line 3 column 5 (char 7) This suggests that there is a problem with the double quotes somewhere in the JSON. When examining the JSON provided, I noticed that there is a space before the { curly brace that begins the rules object. This may be causing the error. Try removing the space before the { curly brace and see if the command works: --kwargs "{ "rules": [{ "comment": "Block", "policy": "deny", "protocol": "any", "srcPort": "any", "srcCidr": "any", "destPort": "any", "destCidr": "<IP.ADDR>/32", "syslogEnabled": false }] }" ... View more

There are some requirements that must be followed for it to work, please review each one carefully.   https://documentation.meraki.com/MR/Encryption_and_Authentication/Configuring_RADIUS_Authentication_with_WPA2-Enterprise#Dashboard_Configuration   https://documentation.meraki.com/MR/Encryption_and_Authentication/RADIUS%3A_WPA2-Enterprise_With_EAP-TLS   https://www.youtube.com/watch?v=Iput9nLnldA&pp=ygUII25wc2F1dGg%3D ... View more

Take a look at this https://community.meraki.com/t5/Meraki-Certification/ct-p/cmss ... View more

These should probably only be objective questions, I don't see any possibility of emulating all products for use in the laboratory.   I believe that on the internet you should find someone's testimonial about the study journey for this certification. ... View more

I've never taken the Meraki exam, but if it's like the traditional Cisco exams, the test is divided into multiple choice questions, drag and drop, choosing more than one correct answer, and labs. As far as I know, the Cisco exams are only available in English or Japanese, meaning there are no translations. In my opinion, it makes sense not to have a translation since most of the good materials are in English. ... View more

https://docs.johnsoncontrols.com/bas/r/Facility-Explorer/en-US/Facility-Explorer-IP-Networks-for-BACnet/IP-Controllers-Configuration-Guide/Appendix-VPN-with-a-Cisco-Meraki-MX-security-appliance-configuration/Configuring-the-modem/router-into-bridge-mode ... View more

Maybe it will help you.  https://documentation.meraki.com/MS/Access_Control/MS_Switch_Access_Policies_(802.1X)#RADIUS_Caching_for_MS390_and_C9300-M ... View more

You can configure any other IP address range that the MX will add to its routing table. If you have a layer 3 switch below the MX, you may need to add the route to that switch as well. Just to confirm, who is the default gateway for your network? ... View more

Is the switch port to which the AP is connected configured in Trunk or Access mode? Have you checked whether the port is configured with the correct VLAN? ... View more

Could you please share your complete SSID configuration? Do you have any features like 802.11r enabled? ... View more

Would it be possible to share what the settings are like on both sides? ... View more

What firewall model are you replacing with? Have you checked the log messages? ... View more

The best way would be to use 802.1x and control this with policies created on your Radius server. Of course, for this you need an authentication base such as Active Directory or LDAP. With iPSK there is not much you can do, because the password can leak at any time. Unless you use a Radius server for iPSK instead of the way you are using it, but even then you will need a Radius server. ... View more

Just the domains in one long hex string. ... View more

Try converting each domain to text in hexadecimal format, and then combining both into a single hexadecimal string. ... View more

802.1Q VLAN and trunking support for up to 4,094 VLANs (1000 active VLANs with STP enabled)   https://documentation.meraki.com/MS/MS_Overview_and_Specifications/MS390_Datasheet#MS390_Licensing ... View more

Please note: C9K/MS390 runs single instance (0), single region (region1), and single revision (revision 1) MSTP. This is essentially Rapid Spanning-Tree. Please make sure for interoperability with any other non-Meraki platforms, to either run Rapid Spanning-tree or MSTP (not PVST or any iteration, nor any other vendor specific STP implementation). This will ensure that there are no issues with compatibility and functionality. https://documentation.meraki.com/MS/Port_and_VLAN_Configuration/Configuring_Spanning_Tree_on_Meraki_Switches_(MS) ... View more

Wireless firmware versions MR 31.1.5.1 changelog Important note Wi-Fi 5 Wave 2 MRs support - This version and subsequent MR 31.x.x are only supported on 802.11ax (Wi-Fi 6) and newer MR models. 802.11ac Wave 2 and older products will not upgrade if they are in networks configured for MR 31.x.x versions, and thus, the new features will not be available. The bug fixes listed below will also not apply to Wi-Fi 5 Wave 2 and older MRs. (https://documentation.meraki.com/MR/Other_Topics/Cisco_Meraki_MR_Firmware_Restrictions_Overview_and_FAQ) Includes support for Wi-Fi7 APs (https://documentation.meraki.com/MR/MR_Overview_and_Specifications/CW9176I_%2F%2F_CW9176D1_Datasheet, https://documentation.meraki.com/MR/MR_Overview_and_Specifications/CW9178_Datasheet) ... View more

Cisco Meraki devices can identify the hostname of a client device using NetBIOS, Bonjour, and DHCP. In some instances, the detected hostname may be undesirable. For example, 2 devices on the same network with identical hostnames or a device that has been identified by its MAC address. The hostname can be overridden within the Meraki dashboard by configuring a manual value.    The client's hostname will be determined in the following order of preference: User-specified Name MDNS Name (Bonjour) NetBIOS Name DHCP Hostname   In short, it will depend on the information that Meraki receives from these elements, but there is no guarantee that the hostname will be correctly identified. ... View more

Take a look at this discussion.   https://community.meraki.com/t5/Security-SD-WAN/NAT-Unfriendly/m-p/48968 ... View more

Migrating to DNA management mode To migrate your Catalyst switch(es) to DNA management mode, contact Meraki Support. To be migrated, a switch must be online and connected to the Meraki dashboard. Migration will factory default the switch and all configuration.  When operating in the Meraki-managed mode, Catalyst switches use firmware customized for cloud connectivity.  Once the migration to DNA or CLI managed mode is complete, please be sure to install a supported IOS-XE software version on the switches before deploying them in production networks. https://documentation.meraki.com/MS/Cloud-Native_IOS_XE/Migration_from_CLI-managed_Catalyst_Switches_to_Meraki-managed_Mode#Migrating_to_DNA_management_mode ... View more

What about the native VLAN on the Nexus interfaces that are displaying the message, have you configured it? ... View more

What is the spanning-tree priority configured on Nexus? Have you tried setting it for zero? ... View more

Have you checked whether there are any restrictions on the System's local Firewall? ... View more