Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
About DSchn
DSchn
Here to help
Member since Nov 22, 2018
Feb 24 2023
Community Record
12
Posts
0
Kudos
0
Solutions
Badges
Feb 28 2023
5:55 AM
Thank you. Disappointing that the API is kinda crippled. How does Meraki suppose that we work in big network environments? Doing all by hand?
... View more
Feb 23 2023
4:02 AM
Thanks, I already looked there, but it seems the API is missing many settings like the ones I mentioned. Any chance the API will be updated? Is there any other way to copy such settings? Can't find anything at the dashboard too, only using templates which I don't want to do.
... View more
Feb 23 2023
2:32 AM
When I understand the API documentation correctly it is not possible to copy all "SD-WAN & traffic shaping" settings like local internet breakout / VPN exclusion rules or SD-WAN policies, or did I miss it somewhere? If that is not possible, how am I supposed to roll out changes in those settings to all our networks?
... View more
Feb 26 2019
5:31 AM
Thank you very much for explaining the difference and functionalities! So what I need is the Auth. Proxy as we just want to secure the VPN access. As I understand the Auth. Proxy can check for AD group memberships just like our RADIUS is doing right now, is that correct? I suppose the Auth. Proxy will sync our AD groups to the DUO administration console? We still would keep the RADIUS for the wifi connections and as a backup if anything goes south.
... View more
Feb 26 2019
3:07 AM
Dear all, we are already using our MX400 for providing client VPN access (with RADIUS) and now want to have a two-factor authentication setup. It seems DUO does the trick, but what exactly is to be done? I read about a DUO access gateway and a authentication proxy, are they the same tool? And what about the Windows 7/10 VPN connection: where will the user put in the authentication code? Sorry, I'm a bit confused how this exactly works out with DUO.
... View more
Nov 25 2018
9:38 PM
DNS doesn't have to do anything with VPN at all, at least not regarding split tunneling/routing.
... View more
Nov 23 2018
1:05 AM
That sure is a nice feature for certain cases, but DNS resolution is not the problem with split tunneling, but the static routing is. As long as the client doens't know that for example 172.0.0.0/8 should go through the tunnel (which Meraki advises to put manually in the routing table of the client) it will try to use the standard interface and not the VPN device and thus fail to reach the host within the 172.0.0.0/8 network. One sure can activate the the VPN device to be the standard gateway, but then ALL traffic will go through VPN which (for us) is not desirable. We only want to have business traffic going through the VPN tunnel and the rest of the (private) traffic go through the users private connection.
... View more
Nov 22 2018
9:41 PM
When connecting to the VPN you need a local DHCP Server issuing an IP and via DHCP options push the routes that are activated in the Meraki dashboard, so split tunnelling is possible. I don't see how a cloud based DNS would help in that case?
... View more
Nov 22 2018
5:11 AM
I find this not very satisfying as I don't want to manually enroll routes on every single client, no matter if it is possible by scripting or not. Will there be a solution for the routes to be pushed by the VPN DHCP Server via L2TP? It should be possible with DHCP option 121 / 249.
... View more
© 2025 Cisco Systems, Inc.
