I have questions for our new Meraki proposed setup with Enterprise License, and I would want to know your experience with those regarding below questions 1. Can we connect internet and MPLS lines on a single or dual MX? 2. If we have two internet lines, can we use FQDN based traffic steering to route certain traffic via the primary link and other traffic via the secondary? 3. If we use ZScaler as our SSE, can we specify whether Zscaler traffic should flow over the primary or secondary internet line only? 4. Does routed mode on Meraki imply that it is internet facing, or can it be behind a firewall or router and still be in routed mode? ... View more

How can one improve the user experience when you have an MX appliance on-site with load balancing enabled across two internet lines? I have a site with 50 users and two 100Mbps lines. So far, that site has been operating on an active-standby configuration, but the client just requested that I change the configuration to active + active in order to boost throughput and make better use of the standby line. Now, there was recently some difficulty with the secondary line, which was experiencing packet loss or low latency but never went down, thus Meraki continued to consider it an active line and kept sending traffic on it, and it resulted into site users to have a bad experience due to the degraded connection. Now, how can I get Meraki to move traffic to a better WAN connection if it detects a performance issue with one of the lines? Can I use a customized performance class? Can it simply used for Auto VPN traffic, or can it also be used for Internet traffic? And do I have the option of selecting that custom policy for one of two WAN connections, or does it apply to both automatically? ... View more

We have central Windows server at DC for DNS/DHCP Services. I have moved DHCP role to Meraki MX at site and DC Windows Server is still working as DNS server. So far end users at site receives IP properly, able to resolve and reach  websites and all. Whenever end users gives printing order, it goes to print server in azure and then it returns to site and reaches to local printers, that's the flow. This works fine when MX does not run as DHCP server but the moment I switch it to Meraki DHCP, all print jobs from local user gets stuck at azure print server and does not reach to local printer further. That local printer is reachable from Azure Print Server and vice versa. Tried to run packet capture however does not saw anything weird. Has anyone faced similar issues? Any idea what might be the case here?  ... View more

Hi, I have a Meraki setup where I have 2 hubs.. two Meraki in Physical DC (Hub 1 & 2) and other two in Azure (Hub3 & 4). Now both hub pairs are connected to spokes as Hub1-2 serves DC LAN subnets whereas Hub3-4 serves Azure Route. This organization has "Hub to Hub communication is disabled" from the start because the client had an issue with an earlier organization setup (different org than this), so he made it mandatory for all future organizations to have hub to hub disabled. Given that the Hub1-2 cannot receive the Azure route advertised by the Hub3-4 in order to access Azure resources, a direct S2S VPN tunnel is formed between Azure GW and the DC FW. Recently there been some severe disconnections between Physical DC FW and Azure, with no resolution on the horizon but the impact occurring on a daily basis. Now, I believe If I was to enable Hub to Hub communication and disable tunnel from Physical DC to Azure; then, that Hub1-2 should begin receiving routes from Hub3-4 and the problem will be resolved. What is your take on this? ... View more

I am relatively new to network automation. I understand a little bit about programming. The manager assigned me the task of automating some operations for the Meraki dashboard. For example, make bulk changes to multiple networks within an organization such as VLAN creation, IP whitelisting, VPN exclusion rules, and so on. Those changes wont be limited for multiple networks but sometimes for multiple organizations as well. I've been assigned one Linux VM, and it appears that I'll need to use it as a launch pad for API jobs. I've tried browsing the API documentation and even running a couple of GET queries and was successful, but I don't have a thorough understanding of it, so I'm hesitant.   Where do I begin to learn this? On a high level, I'm thinking about using HTML as a frontend. Fields will appear based on the task selected from the dropdown; the user should enter a value in them and click the enter button, and the API should shoot. Is this too complicated and requires rocket science? Also, is there a way to change the way the result output is displayed? It currently appears in syntax format, but can I convert it to a tabular format with only specific information to be displayed ? For example If I run getOrganizationAdmins, I receive information like ID, name, e-mail, authenticationMethod, orgAccess,AccountStatus,twoFactor, lastactive, tags etc.. If I just want to receive limited info like ID, name, e-mail, OrgAccess then how it can be achieved? I believe that as I learn more, may be I will gain a better understanding of what works and what does not.    But, if anyone has been through this and come out on top, do you have any advice for me? I'd request you to advise me on how to get started, what I should read, and any website/youtube video urls - any assistance in this regard would be greatly appreciated.     ... View more

Hello, Is it possible to do BGP peering with Azure vMX and vWAN Hub without VNET peering? I am told VNET peering between SDWAN VNET and vWAN VNET is absolutely necessary before even beginning with BGP configuration. I thought VNET peering is alternative to BGP routing for communication between vMX and vWAN. Currently my routing is acting strange because of this I believe as I am able to ping IP for which I don't see any routes in vMX route table. Any light on this? ... View more

If Hub to Hub communication is disabled then how specific routes advertised by new Hubs will be learned by existing hubs? ... View more

I am trying to apply QoS policies on Meraki MX to see if it improves anything about Client WebEx call quality   Connectivity is like : User Machine (Soft Phone) > Aruba Switch > Meraki MX > Internet Bandwidth is really sufficient   Neither Default Traffic shaping rule is helping nor selecting application category is helping hence trying to apply customized rules based on destination WebEx server IP which are in internet.   Now webEx traffic or any voice traffic for that matter usually has Call Control, Signaling and Media traffic.   I have used CS3 for Call Control and EF for Signaling and Media. However provider suggests to use EF for Media and CS3 for Signaling but I have one destination IP for Media and signaling so not sure how can I apply two different TAGS for single host IP. For example - Can I apply  EF for 1.1.1.1:TCP and CS3 for 1.1.1.1:UDP? Also not sure how much of this TAG is going to help once packet leaves MX and rushes to internet.    Also I see many RST triggered by local user IP for Call Control within a minute. What could that suggest? Any help would be really appreciated. ... View more