If they are close together or relatively close your probably dealing with overlapping wireless radios. What I typically do is adjust the radio settings to help load balance devices. First off I usually enable band steering and client balancing in the wireless > radio settings > RF profiles. Then if you are still not getting the load balance you would like to see. you can adjust the radio transmit power range to help keep clients on one AP or another. Its a little bit of trial and error to get right based on the number of clients. I recently had an issue with a school where I spent the better part of a day trying to get 2 MR76s to balance right with about 150 clients. Word of advice don't change too many settings at once.   ... View more

I dont know if this is your issue or not but you might adjust the WPA encryption mode. WPA 2 should be most common and work for just about everything. I had issues in the past with using the legacy options.  ... View more

Good afternoon Alex. I would not reccomend using a 1:1 Nat as it could expose (and probably will) your xbox to the entire internet. If you are getting a Strict NAT type this tells me that your firewall is probably behind a NAT OR your ISP is also NAT'ting your internet connection. A quick check for when I run into this is to see what the actual IP address is you are getting on your firewall. If you check the uplink tab under appliance status. you should see "public IP" in grey with what Meraki sees as your public IP. If that IP is not the same as your WAN 1 confgured IP then likely your device is behind a router or something is Natting your device upstream. Often with home users your ISP provides a local network (192.168.x.x 172.16-32.x.x or 10.x.x.x). If that is the case you would want to work with them to get your router configured in pass through mode so that your MX pulls a public IP rather than a private.  ... View more

Do you know if there is an active feature request? I found that group hard to query to know if its been requested.  SAML with group polices is a huge help though. I have more customers wanting this solution. We need the group policies (especially in radius) as this is how we secure our VPN access for vendors. Thank you for your quick responses today. Been managing meraki devices for about 7 years now and never used the forums. ... View more

Ooof. I hate that this is accurate. We utilize the Azure MFA with NPS extension that works really well for our use case but trying to stay up to standard with MFA is challenging. We dont have a central VPN location and have multiple locations so the cost value of using a separate FTD does not fit our use case. I am wondering why the AnyConnect implementation is not as full featured as the FTD? I am trying to keep everything meraki but our company is starting to leverage fortigate and that breeds a new group of problems. The FTDs having to have a complementing server is just not a good solution for a multiple remote site company as we have the costs would completely remove that as an option. ... View more