Community Record
17
Posts
3
Kudos
0
Solutions
Badges
Sep 15 2022
8:10 AM
Hi All, I am aware that it is possible to configure ISE to override the MS port VLAN following successful device authentication ( such as placing computers in the corporate data VLAN if they pass certificate based authentication), however is it also possible to apply an ACL to the session to enforce L3 communication from the computer (similar to how dynamic ACLs/DACLs work with Cisco Catalyst switches)? Thanks
... View more
Apr 5 2022
5:31 AM
Thats great, I really appreciate you testing this. Much appreciated!!
... View more
Apr 5 2022
5:02 AM
I cant test at the moment as I'm offsite. Looking at the link that you attached, it appears that the Meraki MX will automatically respond with 'Option 3 - Router' using it local IP address, however its not really clear if you can override Option 3 and specify a custom IP address. It looks like this is possible in the dashboard, but I'm not sure if the MX will honour this or if it will override and return its own IP address Has anyone tested this before?
... View more
Apr 5 2022
4:24 AM
1 Kudo
Hi All, I'm currently configuring an MX Firewall as a DHCP server and cant find an option to change the gateway IP address that DHCP allocates. This is required to support a migration as I want the MX to initially act as a DHCP server for the connected clients but for the clients to use the old firewall that is located on the same VLAN as their default gateway. Example below Old Firewall (Gateway) - 192.168.1.1 New Meraki MX Firewall (DHCP Server) - 192.168.1.2 Clients - 192.168.1.10 - 200 Can I override the DHCP gateway using custom option 3?
... View more
Feb 14 2019
1:36 PM
Hi, Did you ever get this issue resolved? If so, what was the fix as we are experiencing issues with a topology similar to yours. Thanks
... View more
Jan 17 2019
2:24 AM
Hi All, This maybe a daft question but are there any issues with changing the name of a live network under Network Wide - General - Network Name? I have been asked to change the name of a combined network but I'm not sure if this causes any brief issues with devices connecting to the dashboard etc. Thanks
... View more
Jan 10 2019
12:36 AM
Hi All, I need to replace a failed Meraki switch that is a member of an existing switch stack. I'm going to use the Clone and Replace feature, however, its not clear what is cloned from the failed/source switch to the replacement/destination switch. Are only the switchport settings etc copied or do these have to be manually reconfigured? Are other settings such as management IP address/hostname etc copied or do these have to be manually reconfigured as well? Thanks
... View more
Nov 22 2018
1:45 PM
Ok, thanks for the reply. I will keep any eye on this and see if it actually causes an issue as the error is a little confusing.
... View more
Nov 22 2018
7:42 AM
Hi All, I'm seeing the alert 'Disabled Switch (BAD DNS)' under the connectivity status on my MS250 switches. This occurs a couple of times a week, however, I dont know why and what the impact is. Does anyone know why this error is produced, and more importantly, what does is mean by 'Disabled Switch'? Does this mean that traffic flow is being impacted? Thank you
... View more
Nov 13 2018
5:39 AM
2 Kudos
Hi Owen, Ahh yes. I will try and test this when I can. Thank you. Added support for assigning a /31 subnet to the MX’s uplink via the local status page. The IP address assigned to the MX must be the higher of the two available IP addresses in the /31 subnet
... View more
Nov 13 2018
5:30 AM
Hi Philip, Our ISP has checked and confirmed that option 2 is possible so that is not the issue. The issue is that I'm not sure if the MX will support the same 1:1 NAT rules via both Internet 1 and Internet 2 interfaces. For example, if my public IP block is 1.1.1.0/29 and public IP 1.1.1.1 NATs to internal 192.168.1.1 via Internet1 during normal operation, then what happens when the ISP detects a failure and routes 1.1.1.0/29 to Internet2? Can I setup the same NAT rules on both WAN uplinks to support this? Thank you
... View more
Nov 12 2018
11:38 AM
Sorry forgot to mention - I'm only trying to achieve internet resiliency here and not MX appliance resiliency. When the primary internet circuit fails that carries the /29 prefix used for 1:1 NAT, I need that /29 prefix to route to the secondary internet connection, which is possible on the ISPs side, and NAT on the MX. Essentially I will be duplicating the NAT rules for each uplink but I dont know if this is possible
... View more
Nov 12 2018
10:00 AM
Hi All, I need to setup 1:1 NAT on an MX250 so that in the event that my primary WAN uplink fails, inbound traffic will NAT via the secondary WAN uplink. I have read the below guide that illustrates that a secondary NAT rule can be configured for failover using a different uplink, however, this uses a separate public IP address. In my scenario, the ISP will automatically advertise the /29 public IP address block via uplink Internet 2 (using static routes that are advertised into BGP) in the event that the primary internet connections fails. Is this possible on the MX? Unfortunately I dont have one available to test this with. https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Configuring_1%3A1_NAT
... View more
Nov 12 2018
9:52 AM
That's a shame, I will need to use /30s instead. Thanks for the response Philip
... View more
Nov 12 2018
7:16 AM
Hi All, I cant find an answer to this, but does anyone know if the Meraki MX supports /31 subnets on the WAN uplink interfaces? Thanks
... View more
My Top Kudoed Posts
Subject | Kudos | Views |
---|---|---|
2 | 9405 | |
1 | 5112 |