@ranjankumarsgh What version of firmware are your access points using? Also, is that access point on the same VLAN as the others? I ask because fec0::/10 is a deprecated site local address, and there might be a router on that VLAN advertising that subnet. -Dave
... View more
@akehn No, you do not have to plug all switches into the MX. Each switch should have an up-link defined. I typically use port last port on a switch (24 on a 24 port switch, or 28 if using SPF) as the up-link from the previous device in the chain. I use port 23 (or 27 if using SPF) for the up-link to the next device in the chain. On each of those ports, I set them to Trunk Ports and set the Allowed VLANs to what I need. Keep in mind that each port connected to another port via a patch cable need to have the same VLANs definition.
... View more
@akehn Any connection from MX to MS, or MS to MS or MS to MR is considered an uplink. The switch port settings on the MX are on Security & SD-WAN -> Addressing & VLANs -> Per-port VLAN Settings Both connections for an uplink should have the same VLAN IDs. -Dave
... View more
I have a MG21 connected to Wan2 and fail over works a little too well! I would like to setup firewall rules to block either certain networks or certain web applications when running on Wan2 to cut down on cellular charges. I have cellular firewall rules enabled, but they don't take effect for Wan2. Is there anyway to accomplish what I am trying to do? Thanks, -Dave
... View more
@Marc_Abaya , No, however credentials are cached on the device, so username / password is usually done infrequently. When a user is suspended or deleted, the user cannot sign into their machine or the WiFi. - Dave
... View more
@Marc_Abaya , JumpCloud also has Active Directory integration, so users are synced between Cloud applications and local accounts. Add in the SSO support and Zero Trust, it is a powerful system. Pricing can be by ala carte or by package, with discounts for education and non-profits. - Dave
... View more
@Marc_Abaya You are welcome. The RADIUS setting support 2FA if that would suffice for your needs. Also, JumpCloud Protect Push notifications use Public / Private keys for authentication. -Dave
... View more
@Marc_Abaya That depends on your use case. For Cloud Directory and RADIUS it would retail for $5 per month. It goes up from there depending on features. You can see all the pricing here: https://jumpcloud.com/pricing I am a JumpCloud Partner so I can walk you through a demo and explain how it all works. I can also help with purchasing, configuring and debugging, If you like. If you have a lot of users and are worried about price, I can work with you on that too. -Dave
... View more
@bento23 You could still use RADIUS for the WiFi, without a JumpCloud agent on a Chromebook or phone. You will need the users defined in JumpCloud, and optionally added to a group (Say, WiFi users). Then configure a RADIUS setup and assign the group to it. For extra security, you can setup RADIUS with 2FA.
... View more
The process for JumpCloud would be: 1 import AD users into JumpCloud 2. Create a group and add the users who should have access to the WiFi 3. Go to RADIUS and setup RADIUS and assign the group to the RADIUS Configuration. 4. Setup SSID to use Enterprise with my RADIUS server and enter in the information for JumpCloud's RADIUS servers PM me if you want more information about JumpCloud. -Dave
... View more
I second the motion for JumpCloud. The have 2FA Push notifications for signing into JumpCloud and RADIUS and LDAP, and coming soon are push notifications for RADIUS.
... View more
You can use JumpCloud for RADIUS authentication. While there is not currently a JumpCloud client app for Chromebooks, they can still use RADIUS authentication, and to an extent, Zero Trust. PM me if you want more information about JumpCloud - Dave
... View more
I use JumpCloud. It as basically AD in the Cloud, plus SSO, RADIUS, LDAP and Zero Trust and more. PM me if you want more information on JumpCloud. - Dave
... View more
@charles07 If you have an Active Directory server, you can set the VPN up for RADIUS authentication. If you don't have AD, you could use a service such as JumpCloud for their Radius server. If you want to find out more about JumpCloud, pm me. - Dave
... View more
The Dashboard seems to be down again. I am able to sign in, select a customer, but the page hangs or takes an extremely long time to display.
... View more
@Bruce According to the Meraki September Download, you are exactly right. SD-internet sends traffic to cloud services over the best WAN connection. And it does require SD-WAN license. Here is a quote from the product description: "With SD-Internet Steer customer traffic to SaaS or public cloud-based applications over the best-performing WAN connection at the time the traffic is forwarded" -Dave
... View more
I am working with customer who is looking at getting a SAS service that runs on Azure. The vendor said that they need to charge extra because my client has a Meraki firewall. When I pressed them on that they replied that my clients needs a vMX to get the site to site to work, because Meraki isn't really compatible. Upon research I see that there is value in using a vMX over directly connecting to Azure. The vendor never said the upcharge for the Meraki, but it looks like a couple of hundred of dollars a month. I will be quoting a vMX-S. It is my understanding that the vMX installs as a network adapter. I am new to all of this, so I don't really know what monthly Azure costs for a vMX are. Is a couple of hundred a month reasonable in anyone's experience? Thanks in advance. -Dave
... View more
I have a MG21 connected to a MS120-24P. The switch is powering the MG21. The port the MG21 is plugged into is set up as Access (not Trunked) and a VLAN is specified. There is another port on the switch set as Access and the same VLAN. The cable plugged into that port runs into Wan2 on MX65. This setup started working once I had the correct APN specified in the MG21
... View more
Is the device company owned or personal? I have experience on personal Android devices where Systems Manager creates a work profile. The Google Playstore app in that profile will only show approved applications.
... View more
//
//
LITHIUM.InformationBox({"updateFeedbackEvent":"LITHIUM:updateAjaxFeedback","componentSelector":"#informationbox_6a00872c7327ed","feedbackSelector":".InfoMessage"});
LITHIUM.InformationBox({"updateFeedbackEvent":"LITHIUM:updateAjaxFeedback","componentSelector":"#informationbox_6a00872c7327ed_0","feedbackSelector":".InfoMessage"});
LITHIUM.InformationBox({"updateFeedbackEvent":"LITHIUM:updateAjaxFeedback","componentSelector":"#informationbox_6a00872c7327ed_1","feedbackSelector":".InfoMessage"});
LITHIUM.InformationBox({"updateFeedbackEvent":"LITHIUM:updateAjaxFeedback","componentSelector":"#informationbox_6a00872c7327ed_2","feedbackSelector":".InfoMessage"});
LITHIUM.AutoComplete({"options":{"autosuggestionAvailableInstructionText":"Auto-suggestions available. Use Up and Down arrow keys to navigate.","triggerTextLength":4,"autocompleteInstructionsSelector":"#autocompleteInstructionsText_6a00872a278e76","updateInputOnSelect":true,"loadingText":"Searching...","emptyText":"No Matches","successText":"Results:","defaultText":"Enter a search word","autosuggestionUnavailableInstructionText":"No suggestions available","disabled":false,"footerContent":[{"scripts":"\n\n;(function($){LITHIUM.Link=function(params){var $doc=$(document);function handler(event){var $link=$(this);var token=$link.data('lia-action-token');if($link.data('lia-ajax')!==true&&token!==undefined){if(event.isPropagationStopped()===false&&event.isImmediatePropagationStopped()===false&&event.isDefaultPrevented()===false){event.stop();var $form=$('