I think it wants the L3 switch to be in a central location, too. I've got a network that goes: MX -> MS120 -> MR74 ~ ~ wireless bridge ~ ~ MS210 Clients end up showing up very strangely. Things on the MX side weren't always identifying by device name. The clients that weren't identifying correctly, I couldn't assign a group policy to them - the option was completely missing from the client page.    I wish I had a network that was a little more standard to test it on, but alas. ... View more

That looks like a fat-finger to me. Have you looked at Wireless Health vs the event log? It'll identify culprit clients for you easily, as well as help diagnose where in the process wireless is hitting problems on a per-AP basis. ... View more

Opening a case. ... View more

Are you connecting to active or passive FTP servers? If you're not sure, you need both 20 and 21.   Just to check, you're using regular FTP and not SFTP? Because if SFTP, you'll need 22 as well. ... View more

I can't see a reason why Google's DNS would be an issue, and it's a bad idea to start making a lot of changes at once.   Start with the AP restart and some reconnaissance.    If you look at the logs, do you see a lot of client dissociation/reassociations for specific clients reporting issues? Can you run any packet captures when a client's seeing issues, from AP to client and - ideally - on the client itself? I know that's a pain with an intermittent issue. ... View more

What OS is the endpoint that you're connecting from? If it's Win10, you can and should be setting it up using PowerShell. I've got some scripts you can use or base your own script off of. ... View more

Have you restarted these APs yet? If not, I would. Did you have a firmware change recently on the APs?   I'm grimacing at the idea of cranking all of your radios up to 100% broadcasting. For reasons of politeness and better performance, you typically want the radios negotiating their broadcast volumes on their own. More signal is very rarely the correct answer, especially in a system that had been functioning up until now. ... View more

You're not living under a rock. Unless you talk to people who've been there and done that, it's hard to know what training resources are considered solid. Your time is valuable, and there's no sense in wasting it on training materials that are missing just   huge huge chunks   of information, or are very badly written. Or have awful static and unpleasant speaking voices, lol. ... View more

You can't pull active lease info.   You can't pull vlan info if vlans are not enabled. It's simple to check if vlans are enabled, and simple to enable them. Even if you only have a single vlan, imho, the benefit of manipulating vlan info via API is greater than the risk.   You can pull per-vlan per MX network if a dhcp server is active, scope, reservations, exclusions, lease time... Go here for complete list.   I've been using this heavily to build a report of management IP assignments on Meraki equipment per organization, specifically if they're static or DHCP, and if an MX on the same network has a lease. 600+ lines of code later... ... View more

You could allow specific legitimate devices access to SMTP ports. (Often necessary on printers that scan to email.)   You could then block all SMTP ports outbound for everything else.   If something breaks, then the owner of the broken object can work with you to evaluate and resolve. ... View more

How do you know that spam is originating from your network? Is it solely due to the blacklisting?   Where does your mail server live? Is it local or hosted?   Also, what's the subnet size on your WAN links? If that subnet includes more clients than just you, and you only know from being blacklisted... it could be someone else's bad behavior. ... View more

Why not enable VLANs, but only have a single VLAN created? That enables you to use "List the VLANs for an MX network" to get subnet, dhcp, etc information.   It's what I've done in the recent past, such as yesterday. ... View more

If you want to learn some about network reliability engineering and automation, Juniper helped create NRE Labs.   Very highly recommended. ... View more

Yes. In my experience, works beautifully.   If you're changing this for endpoints, doing the swap at night + telling your users to reboot their PCs in the morning also works beautifully. Even better is scheduling reboots so there's no user failure, muahaha. ... View more

For CCNA R&S, I used CBT Nuggets, Wendell Odom's book, and Todd Lammle's book. For labs, I had Boson labs thru my school but I think you'd be fine with either some eBay gear or Packet-Tracer labs.    For the new CCNA due in February 2020, there's already course materials out there and available.    CBT Nuggets for me was Jeremy Cioara, who is really engaging! My partner (db admin) would eavesdrop and crack up.   Wendell Odom dives into detail more, but is very dry.   Lammle was a little more surface level, but more engaging.... to me. I've had coworkers tell me he's also dry, but networking is My Thing so I was pretty happy.   Pluralsight also has some older courses that still overlap with the new requirements. If I had to get one online training, I'd get CBT Nuggets. ... View more

My solution for Windows 7 is update your machines to Windows 10 right this second, because a) Windows 7 doesn't have the necessary PowerShell cmdlets, and b) Windows 7 goes end of support on Jan 14, 2020.  ... View more