- About RaphaelL
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
Community Record
42
Posts
13
Kudos
2
Solutions
Badges
2 weeks ago
We have the exact same issues. I opened a case couple weeks ago without any way to fix it. Open SSID , IOS only and MR33/MR32 running on the 25.13 firmware. This is really annoying and currently affecting over 7k of our users.
... View more
2 weeks ago
Hi there , Since this morning , I noticed that the dashboard is doing a traduction of half the device status. My browser is in french ( same as my OS , but my dashboard preferences are in English ) : I found that funny. It doesn't bother me at all , was just wondering if I was the only one with that feature .
... View more
4 weeks ago
Do you mind sharing your source code or a part of it. I'm having the same exact issue as you and it was working in the past. I was so close to open a ticket / post here about this issue , but I figured out that my code might be in cause , although it was working in the past... Thanks
... View more
08-20-2019
12:01 PM
MX67-68 still don't support .1X with the latest Beta software and doesn't seem to be in their roadmap either.
... View more
08-08-2019
04:59 AM
Well , Support was able to reproduce the same issue in their lab. But it is only affecting Windows OS... "I was able to get a Windows 10 client setup in my lab and in that case I am now seeing the client perform a DHCP Renew every time it reauthenticates via .1x, exactly like we're seeing in your client sites. So in this case it appears that the DHCP transaction after a .1x reauth is expected for Windows 10 clients at least. " Has anyone experienced this issue ? Anyway to fix it ( parameters in windows or something ) ?
... View more
08-05-2019
02:02 PM
Well , long story , I'm fully aware that Meraki products do not fit us at all. Also our 500-600 MX are all in configuration templates so the less we mess with it , the better. Thanks for the suggestions the public IP is always my last resort ( and I have used it in the past ). Preconfiguring our MX is always the best idea, but since we are a big company it's not always easy to keep track of everything. I might close this thread since there is no way to configure a mgmt interface. Thanks !
... View more
08-05-2019
10:37 AM
Well , maybe my first post wasn't 100% clear. We have already set the creds within the cloud management and yes within the same subnet you can go to https://mx.meraki.com . But let's say the MX is installed in a remote site and https://mx.meraki.com ( These URLs will work for any Cisco Meraki devices listed above, but will only access the first device in its path. ) so we have to reach it with an IP that is configured on the MX. To do so , you have to create a vlan interface and set an appliance IP. That IP will get you to the local page, but at the cost of creating a useless vlan interface. This is how we are dealing with the local page for the moment.
... View more
08-05-2019
10:17 AM
We are on the same page. But we have many cases that we need to configure the MX from the local page ( PPPoE ) which ( why ? ) can't be done from the dashboard
... View more
08-05-2019
08:57 AM
I was wondering if it is possible to configure a management interface on a MX without having to create a dedicated vlan. Let me show an example : We have a router , a MS switch and a MX. The management vlan is defined on the router and the MS as a management IP from that vlan ( lets say vlan 100 ). Is it possible to configure the MX to have an IP on that VLAN ? Only way I found to achieve this is my creating the same vlan on the MX and giving the ''appliance IP'' a different one than the router ( router as .1 and MX has .10 for example ). This is not really ideal. Thanks !
... View more
08-02-2019
07:23 AM
Thanks for the info. I'm not really a fan of this , so I'm going to configure these rules on our NGFW behind the MX. I don't like to idea to mess with those site-to-site firewall rules and accidently blocking the traffic for our 2k remote sites. I will mark this as resolved
... View more
08-02-2019
07:10 AM
Let's say I want to block the remote site from reaching the servers. I would have to do this with the site-to-site VPN firewall outbound rules ? And these rules would also apply to ALL my other remote site ( 2k ) ?
... View more
08-02-2019
05:52 AM
Hi there , We have a remote site ( MX65 ) with site-to-site VPN tunnel going to one of our MX cluster. Somehow , someone managed to configure many Site-to-site outbound firewall rules ( those rules are Org wide ! ). Those rules are only there to permit or deny specific traffic comming from the remote site. Why would you configure those rules on the site-to-site outbound firewall and not the MX ( remote site ) ? Currently any remote site ( that is participating to the site-to-site VPN ) is bound to those rules ( they are org wide ) Site-to-site Vs firewall rules Am I missing something ?
... View more
07-29-2019
04:29 AM
This is what I got from support : After gathering the data and discussing this with our Engineering team we've determined that this is the expected behavior for MX devices using 802.1X based authentication. The current reauthentication timer on the MX is set at 3600s / 1hr, and I've confirmed that unfortunately at this time we are unable to change that value at all, so this is all working as expected in this situation from what we can see. I'm still worried about the DHCP renew at every reauth. I don't think that is a expected behavior...
... View more
07-17-2019
11:50 AM
1 Kudo
I don't know about the SDK but I'm using this : import os proxy = 'proxyURL' os.environ['http_proxy'] = proxy os.environ['HTTP_PROXY'] = proxy os.environ['https_proxy'] = proxy os.environ['HTTPS_PROXY'] = proxy works like a charm.
... View more
07-17-2019
08:31 AM
No worries ! That is part of the issue , there is 0 settings for MAB / 802.1X on the MX ( except de radius port and server ) and I can't find any documentation from Meraki. I think I will have to open a support ticket about this one and post the result here.
... View more
07-17-2019
08:25 AM
There is no switch in the situation the devices are directly plugged into the MX. Device -> MX -> ISE. In that case the MX is the Authenticator.
... View more
07-17-2019
04:34 AM
Thank you , but I'm well aware of the situation of the MX68 , the log below is exactly the same for all our MX65(W) , should have mentioned it.
... View more
07-16-2019
08:02 AM
Hi , This is a fairly complex issue. We are running the 14.39 firmware with MX65(W) and MX68. We activated the 802.1X / MAB auth ( hybrid ) and since that activation every device is renewing it's DHCP lease every single hour ( 1 hour 16-18 secs ) This is annoying because it is flooding our logs and the lease we are giving to our devices are 24h ( should renew at 12h ) This is affecting all our 2k teleworker. Devices that are authenticated via MAB do not renew every hour. Cisco IP phones ( multiple models , also do not renew but are reauthing every hour ). In Cisco ISE we don't see anything suspicious and everything is working fine on our MS. MX is a different story. See the logs below : As anyone seen this issue ?
... View more
06-18-2019
05:06 AM
3 Kudos
I guess there are 2 types of straight people also. People that are open minded and people that feel intimidated by a temporary logo supporting a good cause. Thanks and have a great day.
... View more
06-05-2019
05:41 AM
Well another case this morning , a teleworker reported some issue with his MX : Latency dropped right after the reboot but is still high. Maybe a 3rd reboot would fix it.
... View more
05-29-2019
12:30 PM
1 Kudo
Even with the latest firmware it is not available : Support : Wired 802.1x is planned for the MX67/68 platform, however, it is unfortunately, not available at this time. Support does not have an ETA of when this will be available and what firmware build will include this feature. Let us know if you have any further questions.
... View more
05-29-2019
10:55 AM
Ah ! I think we had our Meraki Rep to enable this feature for us. It is the only explanation that I can give for the moment. EDIT : Tested and ... not working with 14.39 firmware and MX67/MX68 series. Seems like you are right about it. I will test the latest version and report the results
... View more
05-29-2019
10:23 AM
2 Kudos
Here is a screenshot. This is a template for our MX65-68. Access policy is hybrid ( MAB and 802.1x ) and it is working like a charm
... View more
05-29-2019
04:57 AM
Well , We have over 300 MX68 with 802.1X enabled and over 1200 MX65. We are running the 14.39 firmware.
... View more
05-28-2019
10:19 AM
I'm still monitoring it every morning . At the moment everything is fine , but I'm pretty sure It will comeback at 4th time
... View more
My Accepted Solutions
| Subject | Views | Posted |
|---|---|---|
| 145 | 07-17-2019 11:50 AM | |
| 409 | 05-14-2019 07:04 AM |
My Top Kudoed Posts
| Subject | Kudos | Views |
|---|---|---|
| 3 | 1144 | |
| 2 | 1047 | |
| 2 | 461 | |
| 1 | 145 | |
| 1 | 987 |
