Meraki

Brash · ‎Jun 12 2022

Congratulations everyone! Keep it up @JonP !

Brash · ‎Jun 7 2022

If you need a replacement beyond the end of support date, I assume either it will be replaced with a MR52 if stock is still available, or potentially support may advise that they simply can't replace it. I highly doubt they will do a free hardware upgrade. If they did decide to replace it with a new model, the same license will apply anyhow.

Brash · ‎Jun 7 2022

The MR52 is end of sales, however you should still be able to buy licenses. Meraki will continue to support MR52 until July 2026. https://documentation.meraki.com/General_Administration/Other_Topics/Meraki_End-of-Life_(EOL)_Products_and_Dates#End-of-Life_Products The license entitles you to dashboard management, device operability, support and replacement upon failure.

Brash · ‎Jun 1 2022

The listed drop in bandwidth is with all advanced security features enabled. You can use the following sizing guide to determine the performance impact of each feature. https://meraki.cisco.com/product-collateral/mx-sizing-guide/?file

Brash · ‎Jun 1 2022

Yes, the MX75 is the lowest model available that supports 1gbps WAN (without security features enabled). Upgrading to a new MX model does require you to buy a new license for that model. However if you're using co-term licensing, you can still gain the benefit of the time left on the existing mx68 license.

Brash · ‎May 30 2022

The main issue in the loga shown are that the port status is going down and then coming back up 4 hours later. The STP state change being logged immediately after the port status change is expected.

Brash · ‎May 29 2022

If I understand correctly, you're asking whether the MX can update a DNS entry in the DNS Server? No there is no functionality for this . The MX will pull the DNS name of a connecting client and populate it in the dashboard where applicable but it cannot happen in reverse - updating a client name in the dashboard won't create it edit a DNS entry in the DNS server.

Brash · ‎May 26 2022

This kind of setup is not possible with Meraki VPN. There's no way to have different VPN connection policies. The best you can do to achieve this is once a user has VPN'd in, assign a group policy to them which contains applicable LE firewall rules. However there's no automated way to apply this. Using the anyconnect VPN however, you can use RADIUS auth and have the applicable group policy automatically assigned.

Brash · ‎May 26 2022

As @ww indicated you're still referencing that subnet in a firewall rules somewhere. You need to delete the rule (or change the subnet on the rule) before deleting the vlan. When looking at the error it from that point of view it's logical, but it could definitely be more user friendly/readable.

Brash · ‎May 25 2022

And to answer your question, "seen on LAN" indicates that the broadcasting device is directly connected to your LAN network (Eg. if you were to connect a non Meraki AP)

Brash · ‎May 25 2022

It looks like it's a false positive related to miiror casting. https://community.meraki.com/t5/Wireless-LAN/Air-Marshall-Rogue-SSID-s/td-p/39859

Brash · ‎May 24 2022

As @PhilipDAth said It's difficult for anyone to provide input into your situation where you've only provided a BOM. Do you have specific questions about your design or the devices you've chosen?

Brash · ‎May 19 2022

You can't force a client to connect to a specific AP. It will always choose the best available based on signal strength etc. The only way you can achieve the same outcome would be to place your music streamer on a different SSID and have that broadcast only from the AP's you want it to connect to. That said, it more of a workaround than fixing the underlying issue. You might need to look into interference or tuning radio settings if it's connecting to a sub-optimal AP.

Brash · ‎May 18 2022

As ping drops towards 8.8.8.8 can be anywhere on the internet, or even rate limiting of Google's server itself, I find it's more useful to have the ISP's next hop as an IP address to monitor. You'll get more value out of the loss and latency graphs and it becomes clearer when your ISP is encountering an issue

Brash · ‎May 18 2022

That's correct, MS resource utilisation is not present in the dashboard. However Meraki Support does have access to this information on their backend if you're encountering/troubleshooting an issue.

Brash · ‎May 11 2022

Once the device has connected to Meraki cloud, the credentials will change from default to whatever is set under 'Network Wide > Configure > General > Device Configuration'

Brash · ‎May 11 2022

You might have to clear the profile and other files from under "%ProgramData%\Cisco\Cisco AnyConnect Secure Mobility Client" You can also revoke sign in tokens from M365 which will end all sessions for a user and force reauthentication.

Brash · ‎May 11 2022

Looks like a similar question has been asked before - https://community.meraki.com/t5/Switching/Stack-MS425-with-LR/m-p/113698#M8225 Flexible stacking is available on MS420 and MS425 switches, which do not have dedicated stacking ports. Any SFP+ interface on these switches can be configured as a stack port. " https://documentation.meraki.com/MS/Stacking/Switch_Stacks#Configuring_a_Flexible_Switch_Stack

Brash · ‎May 10 2022

"Customers are only required to accept terms and conditions of use on the Meraki dashboard after purchasing an AnyConnect license in order to apply it on the MX. There is no linkage of AnyConnect licenses or Smart Accounts to the Meraki Dashboard or MX Appliance." AnyConnect Licensing on the MX Appliance - Cisco Meraki There is no need to link it to the Meraki appliance or dashboard. You simply need to have the licenses purchased and in your smart account in order to abide by the licensing agreement.

Brash · ‎May 10 2022

That's a good guide to follow. Is your web server directly connected to the MX or elsewhere in the network? Is the webserver tagged correctly with the new vlan? Are you able to reach it from another computer in the network on vlan 20?

Brash · ‎May 7 2022

Woo! Congratulations everyone, especially to @van604 ! Keep up the great contributions.

Brash · ‎May 7 2022

That's a good point. By the sound of it, the dishy stats interface doesn't have a default gateway, so you won't be able to reach it from other subnets. This is where an outbound NAT rule would resolve this, however Meraki MX's do not support outbound NAT on a LAN interface.

Brash · ‎May 7 2022

Static routes can only be added to the MX where the next hop is on a local subnet. From what I've read, most people are working around this by placing a switch between dishy and the MX. They then connect both the MX's WAN port and LAN port to the switch, and create a vlan on the MX with the 192.168.100.x subnet in order to reach the stats page. Can't say its elegant but apparently it works...

Brash · ‎May 4 2022

Quick check of the Microsoft doco shows you've covered most of the ports. Can you run a packet capture (on whichever Meraki device is most applicable in your network) to see which other ports the PC is attempting to communicate to the DC?

Brash · ‎May 2 2022

As @Ryan_Miles said, you're looking under "wireless" which is configuration for standalone AP's. Configuration for the wireless functionality built into the MX device is under Security & SD-WAN/Teleworker Gateway > Configure > Wireless settings https://documentation.meraki.com/MX/Wireless/MX_and_Z-Series_Wireless_Settings

About Brash

Brash

Community Record

Badges