I have a client in a similar position. We agreed to put their router on front of the Meraki and keep their equipment completely off our network. Sine they get into their equipment from.a fixed ip address over SSH, I like the idea of there being two different networks.
... View more
I've tried to troubleshoot some of these and didn't make the connection but in hindsight, I do remember iPhones being the devices linked to these. That's good stuff to know! Thanks!
... View more
I'm desperately waiting for starlink, mostly so I can build better sdwan deployments into places like India which has poor infrastructure.
... View more
Was just researching this exact question... I think... So if I have a VLAN and corresponding SSID set up for the management of my Sonos speakers and I want to be able to get on that SSID/VLAN comb from out of town and run the firmware update on my speakers, VPN wont let me do that, is that right? Like I couldn't use the VPN to act like Im on that SSID.... right?
... View more
That's a bug. When you use Meraki as L3 switch you usually get a random client in the network that get's allotted most traffic coming from the L3 switch. From logical deduction (I don't have the facts like the Meraki team does) I believe the problem is as follows: - The switches/AP can only track clients using MAC - The MX can do both but is configured to use MAC because they're all in the same combined network. - But the L3 switch of course uses it's own MAC to forward frames towards the MX if you use a best practice point-to-point /30 LAN between MX and MS and all LAN traffic gets routed out that /30 towards the MX. - I also believe the traffic recognition differs on the switches than the MX'es so that means if the MX and the MS agree that this traffic is skype.. then the registration of that traffic to the dashboard will be coming from the MS with the correct client MAC address. However if they don't agree for example the MS says it's HTTPS traffic, but the MX classifies the traffic as bittorent then you will have duplicate registration of the same traffic and of course the MX will see the traffic coming from the MAC of the MS causing one client to have major traffic towards WAN/Internet. How it chooses the client name though is a mystery for me. I hope a Meraki technician could provide more inside clarification on this.
... View more
We use Logic Monitor and I think it is worth looking into. It does a nice job of monitoring/reporting/alerting and has great customization features.
... View more
Hi, you can use MR84 for outdoor purpose with Dual–Band Patch Antenna (8/6.5 dBi Gain) https://meraki.cisco.com/products/wireless/antennas-power#dual-band-sector-antenna-14
... View more
To make this one happen, you will have to use your Meraki as a VPN concentration mode so that your L3 switch forms an OSPF neighbor. At the same time, you will need to run OSPF on EVPL. Between two source of routes, you can influence the preference with cost/metric.
... View more
Apart from what @PhilipDAth already said about the radius accounting... There are also client VPN log entries in Network-Wide > Event log under the security appliances events. There are events when a client connects and disconnects and when the SA is deleted. Maybe you can use that and calculate the duration from it. Unfortunately I don't think there's a cleaner way atm. Do send in a Make a wish for it!
... View more
Yea there isn't a super easy way to do that on the Meraki side and you would be better off with configuring outgoing on the other end. But I agree with the sentiment. Meraki does focus so much on being user friendly that they completely miss things everyone above "user" would like to see.. Like Any Connect, EIGRP, RPVST......
... View more
Comcast. But strange thing is, the Normal non-NAT Mode network worked fine. Just the Nat Mode/Meraki DHCP stuff decided not to resolve DNS. I mean its working now, just dont understand why it didnt.
... View more
Best practice would be trunk between firewall and switch, trunk between switches, disable VLAN 1, change native VLAN to an unused VLAN, and drop all untagged traffic on the firewall ports.
... View more
//
//
LITHIUM.InformationBox({"updateFeedbackEvent":"LITHIUM:updateAjaxFeedback","componentSelector":"#informationbox_3bcebaebddbc19","feedbackSelector":".InfoMessage"});
LITHIUM.InformationBox({"updateFeedbackEvent":"LITHIUM:updateAjaxFeedback","componentSelector":"#informationbox_3bcebaebddbc19_0","feedbackSelector":".InfoMessage"});
LITHIUM.InformationBox({"updateFeedbackEvent":"LITHIUM:updateAjaxFeedback","componentSelector":"#informationbox_3bcebaebddbc19_1","feedbackSelector":".InfoMessage"});
LITHIUM.InformationBox({"updateFeedbackEvent":"LITHIUM:updateAjaxFeedback","componentSelector":"#informationbox_3bcebaebddbc19_2","feedbackSelector":".InfoMessage"});
LITHIUM.AutoComplete({"options":{"autosuggestionAvailableInstructionText":"Auto-suggestions available. Use Up and Down arrow keys to navigate.","triggerTextLength":4,"autocompleteInstructionsSelector":"#autocompleteInstructionsText_3bcebae843a122","updateInputOnSelect":true,"loadingText":"Searching...","emptyText":"No Matches","successText":"Results:","defaultText":"Enter a search word","autosuggestionUnavailableInstructionText":"No suggestions available","disabled":false,"footerContent":[{"scripts":"\n\n;(function($){LITHIUM.Link=function(params){var $doc=$(document);function handler(event){var $link=$(this);var token=$link.data('lia-action-token');if($link.data('lia-ajax')!==true&&token!==undefined){if(event.isPropagationStopped()===false&&event.isImmediatePropagationStopped()===false&&event.isDefaultPrevented()===false){event.stop();var $form=$('