I plugged the MG51E into the MX WAN2 and immediately got IPV4 and IPV6 addresses on it. So it is confirmed that the MG51E can provide an IPV6 address and it does not show up on WAN3 on the MX. ... View more

I have implemented this on my MX85 and it is working fine, now. I inserted the Copper SFP in Ports #1 and #2, rebooted the firewall and moved the ethernet connections over to the SFP ports. Once I verified those were working again, then I switched over to Multi-WAN and connected my MG51 to Port #4. The MX was able to pull an IPV4 address from the MG51 NAT Pool. I tried disconnected the ethernet cables from both SFP modules and the firewall did not switch over to WAN3. The firewall completely dropped off the internet and the dashboard. I connected both internet ethernet cables back to the MX and once those came back up and the MX was visible on the dashboard, I rebooted the MX again. Once the MX came up, I tried again to unplug both internet ethernet cables and this time the firewall did switch over to WAN3. It also sent an email alert stating that it had switched over to the cellular port. In this case that is correct, but I think the alert should say WAN3 and not the cellular port. I connected the two internet ethernet ports back to the MX and it immediately started using them again. So a second reboot of the firewall after switching to Multi-WAN seems necessary for the failover to WAN3 to work correctly.   One bug that I see is that even though IPV6 is enabled on WAN3, the MX is not pulling an IPV6 address from my MG51, which is getting an IPV6 address from the cellular carrier and is enabled to pass IPV6 through to the MX.   Overall, the implementation of Multi-WAN is not too bad, but finding out that a second reboot of the firewall is necessary for the failover to work was a nasty surprise that will likely impact many customers that choose this feature. Maybe this is also a bug that will be fixed in future firmware versions? ... View more

If the MX95 is powering the MG21E, you would need a power injector to provide it power in the standalone configuration. ... View more

Her Here's a snapshot from a customer's dashboard. They only have Starlink at their house and they are using a site-to-site VPN connection back to their office. You can clearly see the 100.67.251.73 CGNAT IPV4 address that Starlink is providing. They have been using this for over a year. MX75 on one side and MX67 on the other side of site-to-site VPN. No complaints from the customer on this and they would tell me if they are having problems. Starlink dish is directly connected to WAN1 port on the MX. ... View more

Another Cisco solution is Duo Device Health:  https://blogs.cisco.com/security/enforce-endpoint-compliance-and-cyber-hygiene-with-duo-device-trust   ... View more

Take a look at this article: https://community.meraki.com/t5/Security-SD-WAN/Connecting-to-VPN-from-Windows-11/m-p/173543 Microsoft took away some of the settings in the native Windows 11 VPN client that were present in the Windows 10 VPN client. But if you run the rasphone.exe program, you can set the additional configurations items that are needed to connect to an MX from Windows 11. I have customers that are connecting to MX appliances from Windows 11 computers using the native VPN client everyday and it works fine. ... View more

I have Starlink service too and they made a change in the past where only one device can obtain an IPV4 CGNAT DHCP address from the Starlink dish. It's first come, first serve, so which ever device is first to request a DHCP address from the Starlink service is the winner. I have my Dish connected directly to the WAN 2 port on my MX85. Another other option is to move up to the business class Starlink service. You still have to rely on a DHCP address, but it will be a real public IP address. And then their is IPV6, where you will get a /56 block of addresses. This document from Starlink provides more information about your options:  https://starlink-enterprise-guide.readme.io/docs/ip-addresses   ... View more

Thanks for that advice! I downloaded version 3.8.2 and it installed with no issue on Server 2019. So it appears that version 4.0 may have a bug or it no longer supports Server 2016+ ... View more

I would if I could, but the Meraki Dashboard will only allow me to download the latest version, which is 4.0 ... View more

I have tried to load the agent directly on machines running Server 2016 and Server 2019, all patched to the latest versions. I get the same error message. It appears the 4.0 agent does not understand that Server 2016+ is not Windows 10, even though they share a lot of the same code under the hood. The other question is when was the SM data sheet written, there is no date on it. ... View more

The data sheet for the Meraki Systems Manager specifically says that Server 2016+ is supported.  Systems Manager Datasheet  Look at page 6 of the datasheet. ... View more

It works just fine. I have one looking out my office window. Here are some daytime and nighttime snapshots from it. I apologize about the dirty window 😉     Daytime warped full view Daytime de-warped zoomed in view Night time warped full view Night time de-warped zoomed in view to the right ... View more

If you have deployed Meraki Systems Manager on your corporate wireless assets, but not the employees personal devices, you can also filter on whether the Systems Manager agent is on the wireless device too. ... View more

I have been testing the MT14 and MT15 for Vape Detection and see the same alerting. Their does not appear to be a way to suppress levels falling alert at this time. Looks like it's time to click on the "Give Your Feedback" button at the bottom of the Meraki dashboard pages. You could also engage your Meraki Account Manager on this too. ... View more

I have had problems too with the SMS 2FA prompt not showing up after entering the username and password on several different computers and browsers. Cisco needs to get this sorted sooner rather than later. ... View more

Sorry @RaphaelL , I wasn't trying to talk down to you. The most current Meraki documentation I could find on the MX BGP configuration is here: https://documentation.meraki.com/MX/Networks_and_Routing/Border_Gateway_Protocol_(BGP)   I have an HA pair of MX450 testing 18.207, but they are running in routed NAT mode and I can't turn on BGP for them at this time.   ... View more

18.2 refers to 18.205 and later firmware, so you would have to upgrade your MX to get those features. As of today, 18.207 is now a stable release candidate. ... View more

Why is Cisco calling this a Stable release when you have statements for it like this one:   Due to reasons still under investigation, MX85 appliances may be more likely to encounter an unexpected device reboot on this version. This seems far from stable to me... ... View more

Anyconnect VPN is not supported on the Meraki Go firewalls. Cisco has reserved that feature to the Meraki firewalls and the Cisco firewalls. ... View more

On the Starlink web site for business, they state "Customers on Priority plans will also benefit from 24/7, prioritized support and a publicly routable IPv4 address" This should get you past the CGNAT problem, at an additional upfront and monthly cost. ... View more

This is the Meraki Go Community forum. You should post your question in the Meraki Community Forum, specifically here:  https://community.meraki.com/t5/Mobile-Device-Management/bd-p/enterprise-mobility-management   ... View more