The best option if you intend to limit access is to use Anyconnect and configure group policies with Filter-ID. https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Group_Policies_with_RADIUS_Filter-ID https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance#Server_Settings
... View more
Have you tried setting the HUBs as a Default route? https://documentation.meraki.com/MX/Site-to-site_VPN/Meraki_Auto_VPN_-_Configuration_and_Troubleshooting#Auto_VPN_Configuration_Details
... View more
Has anyone done or heard of MX integration with Checkpoint cloudguard? I'm planning a solution Basically the MX will be part of the SD-WAN but the security control will be done by Checkpoint cloudguard (SASE Solution). Is it possible to do this integration? Thanks.
... View more
As @ww said you can try to change some configurations, but remember that roaming is a client decision. https://documentation.meraki.com/MR/Wi-Fi_Basics_and_Best_Practices/Client_roaming_and_connectivity_decisions_explained#:~:text=Roaming%20is%20a%20client%20side,APs%20advertising%20the%20preferred%20SSID.
... View more
You can use a client VPN, and Anyconnect is the best option: https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance
... View more
You don't need to create VLANs on the Meraki switch, you just need to set the VLANs that you want on ports. https://documentation.meraki.com/MS/Port_and_VLAN_Configuration/Switch_Ports#Port_configuration
... View more
Well, it looks like an ISP issue. Which version are you running? When did it start? Were any changes made to your network before the problem started (a firmware update for example)?
... View more
First, check the configuration o the client device. If everything ok, check the Windows event viewer and find the reason code error. https://documentation.meraki.com/MX/Client_VPN/Client_VPN_OS_Configuration#Windows_10 https://documentation.meraki.com/MX/Client_VPN/Guided_Client_VPN_Troubleshooting#Common_Windows_errors_789.2C_691.2C_809.2C_720.2C_etc.
... View more
It's why I'm telling you to review the router configuration. It's a basic tshoot. You need to check the port configuration on the router, the SVIs, etc. Start with the basics.
... View more
You cannot create different VLANs with the same subnet IP address, but you can configure a secondary IP address. But the best option is to review the router configuration. Perhaps the router could be receiving it via DHCP? well, I think he should trust you, but it's his choice.
... View more
Technically you shouldn't be able to configure the same subnet address for different VLANs, but it is a possibility, It would be good to access the Router to validate the settings.
... View more
