Sorry, I meant on the MR's - i.e. non danger of the upstream MR taking out the downstream one whilst its still downloading firmware? ... View more

Thanks Ryan, yes that is my plan to build in a lab first.   Once deployed, when we do MR firmware upgrades is there any special consideration for this setup - i.e. with downstream switches you can do staged upgrades to prevent an upstream switch from rebooting whilst the downstream ones are still downloading firmware. ... View more

Hi Ryan, We are now close to placing orders for a LAN Upgrade that includes two MR76's to provide a mesh link across a road to another building.  The remote building will have an MS switch and a couple of MV cameras connected. Will the remote MR76 boot up ok given that the LAN side of it wont have any internet hence dashboard connectivity when it boots, i.e. the mesh needs to form before the remote MR/MS/MV will have internet connectivity.       ... View more

Tha'ts great, thanks Darren. ... View more

Thanks Ryan, I will have another look a lot closer next week then 😀   Are you able to share any timescales around SSO support for Meraki Display? ... View more

I must admit I didn't actually try to make any changes when logged in as a camera only admin, I had assumed the word 'admin' meant they could be changed with a usage case being for installers to adjust settings when installing.   You say SAML is  already supported. - There is no option to login using SSO on the latest Meraki Display App that I have installed - how do I login to Meraki Display using SSO?     ... View more

Thanks Ryan. I have done that but the problem is if they login to the dashboard then it gives them admin access to the cameras. All I want is for them to view live video, they are not admins, they are people that work in warehouses and weighbridges!   Do you have any idea when SSO will be supported as this will solve the issue -  we can then just map the relevant SAML role and lock the Azure account down so that it can only be logged into from the site.     ... View more

Isn't that for Admins though? The account is solely to diaplay the videowall ... View more

Roles only apply to SSO.  SSO isn't supported in Meraki Display.  Hence I am unsure how to create a user and give them access to cameras only? ... View more

Thanks Philip, that looks like a great solution. I will investigate pricing and look into a trial to confirm it will achieve what we need. ... View more

Thanks @PhilipDAth & @Ryan_Miles  Breaking out the cameras into a separate network, or even organization seems a bizarre approach to address what in my opinion is a fundamental issue with access rights not being granular enough. I wouldn't have thought it unreasonable to be able to prevent some network admins from being able to access video.  If say 2 roles were passed across via SAML, the 1st being Full access to network XYZ and the 2nd being a camera/sensor role that denies access to footage on cameras in network XYZ, then the result should be the user being able to access all the network settings for the camera, but just not able to see the image itself (dashboard and vision Portal). ... View more

The issue I have is on the Camera & sensor roles page the you cannot restrict what sensors the user can see.   The "All sensors" box cannot be changed. Need to be able to select sensors  by network, tag or model.     ... View more

Does the remote MS have to be in a different VLAN from the MS's on the local site. We have a Network Mgmnt VLAN where all the MS's, MR's etc have static IP's. ... View more

Thanks for the prompt reply Ryan. No, there will not be any MR's in the remote building, just VLANs on the switch there. Sounds like a result, many thanks. So I can get away with an MS120/130 in the remote building. ... View more

@Ryan_Miles I know things have moved on since this thread so just wanted to check out if we can now do this using MR76's. I have a remote building that I need to extend the network into.  The remote building will have a switch and needs to support multiple VLANs (cameras and users etc). I don't need any clients to connect to the MR76's (although bonus if they could), I just need my VLANs that are available in the main site to be available on the switch in the remote building (over the road).  All interVLAN routing is currently done on MX's.   ... View more

Do we know if/when this will support SAML? All our logins use our Azure.   ... View more

Really?, wow that is not good then.  It doesn't matter too much for me as we send traffic from guest subnets over WAN2, it was more to limit the bandwidth from guests on WAN1 when WAN2 failed. Yet again, another reasonable feature that's not available on the MX, it does make me question whether the MX is really fit for purpose as a firewall. ... View more

Ahhh finally!!! Thanks for sharing 🙂 Yeah, roll on the same info for MT etc. although I see MR is due imminently...     ... View more

I achieve this via the Traffic shaping rules where I limit the total bandwidth available to all clients on specific subnets added together, as per below:   ... View more

I have tested giving the user R/O access to the network that the cameras are in, and yes that ensures that the floorplan shows correctly in the Vision Portal.   The problem is though that these are just users - they will just get confused with seeing AP's, switches, Security appliances etc.   So its not something we can enable just for the cameras to show correctly on the floorplan.  The Google maps display is of no use - it shows cameras in the middle of the river - not having the display at all would be better than the google map without a floorplan to show where the cameras actually are.    The site would use this to show contractors where the cameras are physically located when they need maintenance/replacement.   I will therefore leave this as-is and submit a Feedback form on the dashboard.   ... View more

Thanks Ryan.  I will have a look in the morning although it does seem strange that it isnt displayed by default in the Vision Portal. ... View more