Register or Sign in
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About RaphaelL
RaphaelL
Building a reputation
Member since Nov 22, 2018
4 hours ago
Community Record
118
Posts
42
Kudos
2
Solutions
Badges
Friday
@PhilipDAth Seems to be right once again : A test is considered successful if the Meraki device receives any kind of legitimate RADIUS response (i.e. Access-Accept/Reject/Challenge) from the server.
... View more
Friday
1 Kudo
We just found out that the user test is missing from our Cisco ISE config : I would advise you to verify your RADIUS server
... View more
Friday
1 Kudo
Well ! I was about to post here. I have the exact same issue and this is the response from Meraki Support : I would recommend looking at some of the historical logging on ISE. RADIUS traffic is also UDP, so there is a potentially that it may not have arrived and could be the cause of this alert showing. Although this feature is not available to see syslog or logs in dashboard for recent 802.1X failure, we take our customer feedback seriously. We encourage you to use the Meraki dashboard to "give your feedback" and submit a feature request. You can submit a feature request at the bottom of any dashboard page. Any wish that is made sends an email to our Product Managers and Development Teams. These wishes are taken into consideration and are used to help shape our product roadmaps. The most wished-for items are incorporated into product development. My response somewhere around : You are offering me a health checking service that has no logs , so no way to see what went wrong, how it went wrong. This is basically useless.
... View more
Thursday
I have over 5000 networks in that Org and I like to be able to go to Overview -> Networks / Devices to see if there is any issues. I know that when using the API it returns me the correct number of devices that are ''alerting''. The dashboard isn't. I'm not refering to alerts from network-wide -> Alerts page to send alerts when ''X'' event is happening. I did open a ticket and I have a strong feeling that the TAC will suggest a feature request, which to me is absurd considering that the API returns the info ,you just have to display it correctly in the dashboard. Anyway, to be continued.
... View more
Thursday
@BlakeRichardson I totatly agree with you ! In my case a device has been reporting ''Config is out of date'' for more than 3 weeks ! I would have like to be informed of that issue way earlier than randomly coming across it.
... View more
Thursday
It really should ! Just found out that " Recent 802.1X Failure" and "T his switch's current stack members differ from the dashboard configuration" alerts are also affecting MS Switches. It is odd enough. I will open a case.
... View more
Thursday
Hi , I have been experiencing some issues to properly identify Networks and devices that are alerting. For example , I have a device that is in the " Configuration is out of date" state for months but the Overview -> Devices page doesn't display the device as alerting. When going to the network Appliance Status OR via API ( {0}/organizations/{1}/devices/statuses ) it correctly identify the device as ''alerting'' : Appliance status page : Org -> Overview -> Device page I think that the events ''Configuration is out of date'' and ''Unable to fetch config" are the 2 states that do not trigger in the Overview Page , which is a bit odd to me. Has anyone experienced this before ? I'm about to open as case to see if it's a bug or not. Thanks ,
... View more
Labels:
a week ago
Hi , I manually selected channel 100 and it seems to be working fine. I'm the only AP in all 30-40ish SSID near me in that channel. I will test it out. If I'm running into compatibility issues with some devices ( TV , smart IoT ) I will revert to channel 40.
... View more
2 weeks ago
Where you able to confirm if the VRRP MAC between your MX450 and MX250 followed the same mechanic ?
... View more
2 weeks ago
Woops ! I just edited my post to include the firmware versions. I will have to test in my lab if bringing the MX250 to the MX450 version will change the behavior ( which is still not the one expected from the RFC ) I was expecting a MAC 00-00-5E-00-01-XX
... View more
2 weeks ago
4 Kudos
Hi , I was curious about that behavior so I did a couple packet captures on both our MX450 and MX250 Warm Space ( LAN captures ) MX450 MX 15.40 : Uses the burned-in MAC for the VRRP MAC ( not following the standard in RFC 5798 ) MX250 MX 14.53 : Uses a special MAC CC:03:D9 + End of the burned-in MAC of the device ( not following the standard in RFC5798 ) I'm a little bit surprised to see that both MX450 and MX250 are not following the RFC AND they are not even using the same mecanic for the VRRP MAC selection....
... View more
2 weeks ago
Hi , Thanks for the reply. I thought I could use the first channels for UNII-2E as shown : Not a single AP is broadcasting in that range. But It could be simply due to your first explanation. Thanks
... View more
3 weeks ago
Hi , I have a simple ( I hope so ) question about Meraki AutoRF and I'm no wifi expert! I live in a village with couple houses near me but it is not really crowded. My MR33 at home shows little to no interference in the 5ghz band : My AP is using channel 40 with 80mhz channel width. In the RF Spectrum page. I see around 15 BSSID in the UNI-1 , UNI-2 and UNI-3. The entire range of UNI-2 extended is free. Why isn't AutoRF steering my channel to the UNI-2 extended. Is there a reason ? Should I manually configure it to UNI-2 extended ? I don't expect new neighbors or any new AP near me in the future. Even though there is little to non interference at the moment , I'm just curious to see it unused. Thanks ,
... View more
Labels:
3 weeks ago
Using the shard URL instead of using "api.meraki.com" solves the issue ! I will open a ticket and assign a priority on it. Thanks !!
... View more
3 weeks ago
I know it doesn't make sense that the query would take 2 minutes to respond but the pcap is not lying. Meraki acknoledges the API Call but never returns anything then after 120 seconds closes the session. I have used lots and lots of differents calls but it seems to be only affecting this one. Sometimes it will time out after 60 networks , sometimes more. But I can reproduce the issue all the time. My code is very similar to the snippet on the developer website. I have retried the same network and got it to work : 350 - Meraki ACK the API request 370 - Sends the Data back 371,375,376 TCP Session ending. Client caused the session ending.
... View more
3 weeks ago
Hi , I have been experimenting lots of timeouts with api.meraki.com recently. I have tried with both my personal PC on my home network AND from my work PC from corporate network. I was able to take a pcap of what is happening : On packet 6448 Meraki ACK my api call but then 120 seconds later Meraki tears the connection due to inactivity... but I was waiting on them to retrieve me the info... Python requests module returns : requests.exceptions.ConnectionError: ('Connection aborted.', RemoteDisconnected('Remote end closed connection without response')) The API call made seems to always be : '{0}/networks/{1}/devices'.format(str(base_url_v1), str(networkID)). It's never the same network but they are in the same Org ( Org isnt specified here ) I'm not using the SDK , I'm using a simple function with requests. def getNetworkDevice(apikey, networkID):
geturl = '{0}/networks/{1}/devices'.format(str(base_url_v1), str(networkID))
dashboard = requests.get(geturl, headers=headers,timeout=600)
result = __returnhandler(dashboard.status_code, dashboard.text)
return result Has anyone ever seen those kind of issue ? I'm about to open a ticket. I know I could simply use a smaller timeout than Meraki and retry until I get a response , but this is only a temp fix.
... View more
4 weeks ago
2 Kudos
Hi , We currently have MX running 14.53. Let's say we have a firewall rule that allows 1.1.1.1 to 2.2.2.2 on tcp/443 and we have an active session between the two hosts and we remove the rule that allows that trafic.The session will still be active. I was surprised to see the session no to be purged by the MX. The MX will not be blocking the trafic as long as the session is active OR the MX reboots... In our case it took more than 24 hours for the MX to stop logging hits to the ''ghost'' rule. That doesn't seem to secure to me. Any other firewalls that are doing that behavior ? I would expect the sessions concerned to be purged the second that the trafic is no longer permitted. Meraki TAC have confirmed that this is the expected behavior. Thanks.
... View more
08-10-2021
05:44 AM
Hi , I was wondering if any MR AP in any modes ( mesh , repeater etc... ) are sending BPDUs ? If not , what is the best pratice regarding STP towards AP ports ? BPDU guard ? Thanks ,
... View more
07-13-2021
05:50 AM
Hi , After all these years , is there any implementation of DHCP snooping yet ? I don't see any way to enable it , but access ports in trusted/untrusted state and so on. I just did a test yesterday and I was able to snoop on DHCP requests made by another client. Thanks ,
... View more
02-11-2021
08:08 AM
Salut , Tu peux faire la capture directement dans le dashboard Meraki. Network-wide -> Packet Capture.
... View more
02-08-2021
11:14 AM
That was an easy one , I'm always having to convert the change logs. If only we could get something like Cisco ( service timestamps log datetime localtime show-timezone )
... View more
My Accepted Solutions
| Subject | Views | Posted |
|---|---|---|
| 1850 | 07-17-2019 11:50 AM | |
| 2721 | 05-14-2019 07:04 AM |
My Top Kudoed Posts
| Subject | Kudos | Views |
|---|---|---|
| 4 | 149 | |
| 3 | 1346 | |
| 3 | 4912 | |
| 2 | 142 | |
| 2 | 1544 |
