Register or Sign in
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About Twitch
Twitch
Building a reputation
Member since Jan 6, 2019
11 hours ago
Community Record
147
Posts
73
Kudos
0
Solutions
Badges
08-12-2022
12:05 PM
Hello to the Crew - I just enabled a syslog server for URL logging on our MX. The entries are reaching their destination successfully, but we noticed that the log entries do not include the corresponding username associated with the entry - instead of the username the entry just lists UNKNOWN. See below: Is it possible to have the usernames included with the log entries when they are sent to the syslog server natively by the MX, or will a third-party tool be needed the get that information? I do not see any options to modify what is included/excluded with URL logging except selecting URLs from the syslog entry drop-down menu. I should note that we are hoping to gather URL log information for both wired and wireless clients. Thoughts? Thanks! Twitch
... View more
06-16-2022
08:20 AM
"Fisher Price dashboard reboot." 😂 I just clicked on "Try It Now," and boy, do I regret that. I don't see an option to go back to the old (much, much better) version, either.
... View more
06-16-2022
08:15 AM
5 Kudos
So I just switched to the new version of the Meraki dashboard. Can I get some free Meraki sunglasses to go with it? Waaaaaay too much white, and not enough contrast to separate the sections or save my retinas. The pages are painful to look at it. Please, either add some contrast or add an option for dark mode, or ship me some Meraki-branded sunglasses. Thanks. Twitch
... View more
02-18-2022
10:47 AM
Hello to the Crew - question for you: We have a non-Meraki Peer VPN between our office and our parent company. While the VPN terminates MX to MX, right now we are different organizations so the tunnel has to be a non-Meraki peer setup. As long as we don't make any changes to the subnets configured on both ends, the VPN works great. If, however, if we add or remove a remote private subnet from either end of the config, the VPN quits working. The only way to restore functionality is to completely rip-out the config on both ends and put it back. It seems like IPSec gets hosed and the traffic just stops transiting the VPN once a change is made. Naturally, recreating the tunnels on both ends reestablishes IPSec and the tunnel works fine once again after that. Has anyone else seem a similar behavior? Is there a fix or workaround? I am not aware of any way to "pause" the VPN, make the required changes, and then start it up again. Thanks! Twitch
... View more
01-28-2022
01:15 PM
Weird - I clicked the Reply button and this post was suddenly accepted as the solution. Not sure how that happened, but anyway... @KarstenI- looks like the Gigacubes are only good in the UK. I take that's where you are using yours? The website doesn't appear to mention service/availability here in the disUnited States.
... View more
01-28-2022
01:13 PM
Thanks, guys. I just spoke with Meraki support and the tech told me that the Inseego USB8L is not compatible with Meraki. Back to the drawing board.
... View more
01-27-2022
01:38 PM
Hello to the Crew - does anyone know where I can access the current list of compatible USB modems for the MX-64? The list is inaccessible from this link: https://documentation.meraki.com/MX/Cellular/3G%2F%2F4G_Cellular_Failover_with_USB_Modems " New USB modem approvals are currently on hold until further notice. All ongoing evaluations for USB modems will be updated on this page as soon as completed. We recommend to upgrade to the integrated/MG models for cellular connectivity and reach out to your sales contact." The model I am attempting to use is the Inseego 4G Global Modem USB8L. I need this to be a primary Internet connection for a tractor-trailer drop yard in the middle of nowhere that has cell signal but nothing else. The MX has been configured and connected to the dashboard via wired connection here at the office, but when I plug the modem in and disconnect the wired connection, the MX never fails-over to the cellular connection. Note that when I plug the cellular modem into a laptop I am able to reach the Internet without any issues. The MX, however - no joy. The firmware on the MX is up-to-date at 15.44. Given the current supply-chain mess, we can't get an MG21 for at least 180 days of lead time, and of course the connection at the yard needs to be operating immediately. Any thoughts? Thanks. Twitch
... View more
Hey gang - We are considering replacing a Cisco 4331 router with an MS-250 switch setup to run L3 switching and OSPF. Our VPLS setup currently runs an IOS router at each remote site as well as here at our data center. The VPLS endpoints all use 172.16.50.x/24, and all of the routers are running OSPF in backbone area 0. In order to put the L3 switch in place, I need to configure an SVI and assign a VLAN number. My question is this: Will the remote sites give a a flying fig about what the VLAN # is since the interconnection between sites runs at L3 with OSPF and not VLANs (our circuits strip VLAN tags anyway)? In other words, will the VLAN # assigned to the SVI on the switch here at the data center simply be a local construct that only the local switch cares about? It would seem to me that as long as 172.16.50.1 and 172.16.50.2, etc, are reachable over the VPLS via OSPF, then the local VLAN number associated with the SVI should not matter to the remote sites. Is my assumption correct? Thanks! Twitch
... View more
Karstenl - that did it. I was having a hard time translating IOS to Meraki-speak, so to speak, and didn't understand how to assign an individual SVI IP to the test switch so that the stack and the test switch were in the same VLAN. I initially created the SVI on the test switch, but did not have the corresponding interface configured on the stack. I deleted the SVI from the test switch and created it on the stack, then figured-out how to add an SVI with a unique IP in the same VLAN on the test switch, and now the two are neighbors and routes have been exchanged. Thanks for your help. I learned something today. Twitch
... View more
Here is the diagram. I forgot to mention that the reason for this test is a desire to use MS-250 switches with L3 Switching enabled and running OSPF to replace the Cisco IOS routers at all remote VPLS sties. My goal with the test is to prove the concept and verify that OSPF will form the neighbor relationships and fully exchange routing information in the same way that the current IOS routers are. The switch in the lower-left of this diagram represents the test switch. It is currently cabled directly to the switch stack.
... View more
Hello to the crew - I am trying to get an OSPF neighbor relationship to form between our switch stack and an MS-250 switch with OSPF and L3 Switching enabled. The switch stack is running OSPF already, and has a neighbor relationship with some IOS routers.The single switch is connected via Ethernet directly to the switch stack. However, I cannot get the neighbor relationship to form between the single MS-250 and the switch stack. Note that the stack and the single switch are both in Area 0 with all timers set to their defaults. An SVI is configured on the single switch. The switch ports are both trunks. It's Monday. I'm tired. I don't think the coffee is strong enough. I must be missing something simple. Thanks. Twitch
... View more
10-22-2021
12:42 PM
7 Kudos
I figured it out. The problem was self-inflicted, like so many are. I have three MR30 APs set-up as wireless bridges for another network on the table next to my desk. My phone/laptop were both trying to associate to the bridges instead of the MR74 on the ceiling, which is connected to the production network. I just completely forgot that the MR30s were sitting there powered-on but without a usable connection to a DHCP server. When I got up from my desk to go get some coffee, I saw them sitting there and what was happening smacked me in the face. Working in IT provides a person with plenty of opportunities to make an arse out of yourself. 🤐 False alarm. Sorry. Twitch
... View more
10-22-2021
10:39 AM
Hello Crew - anyone else seeing weird problems with WiFi today? Our clients won't stay connected, The connection establishes, everything is good, then the connection drops with a message stating that either an IP address could not be obtained or couldn't authenticate connection. We haven't touched the config. Everything was running along just fine until this started. I have rebooted select access points to troubleshoot the issue, but no joy. The APs are acting like they did when the Google geolocation issue was happening a few weeks ago. Is this just us, or part of something larger? Thanks! Twitch
... View more
10-13-2021
05:48 AM
@cmrWe don't have any of those devices on-hand. I'm sure we could get some. "we actually used a routed port on a Cisco L3 switch at the DC" - Since we're currently using an Ethernet port on the router, doesn't this effectively accomplish the same thing, or are you saying that due to router interface throughput/overhead, the switch is actually more efficient at passing the traffic in/out of the VPLS circuits? How were you guys routing the traffic to the remote sites?
... View more
10-12-2021
01:34 PM
@cmr- Speaking of output drops, here are the current stats from our 2901. Basically, it's getting killed. We have a gig internal interface connected to the Meraki switch stack leaving the 2901 out a Fast Ethernet interface set to 100/Full Duplex per the provider's request. At the time we put the 2901s in, we were not aware of the 25 Mbps throughput limitation. The output buffer of Gig 0/0 (the VPLS interface) is filling-up and inbound traffic from Gig 0/1 is getting dropped before there is space available in the buffer. We have ordered 1000 Mbps for our VPLS circuit here at the DC, and will be replacing the 2901s with 4331s, hopefully with the Boost license (my preference), or the Performance license so we have at least 300 Mbps of throughput instead of 25. If the 4331 works out well here, we will probably replace all of the 2901s at the remote sites as well.
... View more
10-08-2021
01:16 PM
2 Kudos
@cmr- Over two of our remaining SD-WAN StS VPNs, Virginia to NJ is running 32 ms, and Virginia to SC is running 18 ms out of the MX. The same company that is providing our VPLS circuits is also providing the DIA out of our Virginia data center. The latency is horrible. I agree. I have asked my boss to check the SLA that our provider gave us to see what kind of numbers they guarantee. Like I said in the original post, the tech support guy basically cut me off when I questioned why the latency is so bad. He said it's "normal" for VPLS circuits, and they were seeing the same numbers internal to their network.
... View more
10-08-2021
04:16 AM
2 Kudos
@cmr- fiber to the demarc, copper hand-off to the 2901 gig port.
... View more
10-07-2021
12:15 PM
2 Kudos
@cmr- we are running basic routing at this point. No crypto or access rules. When the circuits first went live we tested with laptops connected directly to the VPLS hand-off at several sites. Latency numbers were the same as what we see with the 2901s running, 25 - 40 msec. I did not know that tidbit about the limitations on the 2901s.
... View more
10-07-2021
10:00 AM
@cmr- We have distances ranging from roughly 6 miles to 430 miles to 750 miles. Latency is generally in the same range regardless of the distance. We are not running SD-WAN over the VPLS. We had SD-WAN running over our broadband internet connections to each site, but my boss wanted to get away from the site-to-site VPNs, so he decided to switch over to VPLS circuits between each site instead. We are using 2901s in order to route traffic via OSPF between sites. My boss's original plan was to use VLAN tagging over the VPLS, but he did not want to pay for the QinQ service, so we decided to route traffic via OSPF instead. Your latency is far superior, to say the least. Which company provides your circuits?
... View more
10-07-2021
08:17 AM
Hello to the Crew - for those of you sending traffic over VPLS circuits, what kind of latency numbers do you see? We currently have six of our locations running over a Cogent VPLS with a variety of LECs providing the last mile, including Verizon and Segra. The circuits have 28 - 40 ms of latency continuously, which seems very high to me. I see that at each site and in all directions between sites, regardless of the physical distance involved. When I called and spoke to a tech support guy at Cogent, I was told he saw the same thing on his side and, basically, "that's just the way it is." When I tried to question why it was so high, he gave some half answer and disconnected the call. We have Cisco 2901 routers running at the edge of our VPLS cloud. Circuits are 100 Mbps. If I run an extended ping from a VPLS router interface to another VPLS router interface, with nothing but the provider's network in-between, I still see 28 - 40 Mbps of latency. Is anyone seeing similar numbers on their circuits? Thanks. Twitch
... View more
Labels:
- Labels:
-
Traffic Analytics
10-05-2021
10:25 AM
That lists the MACs for an Apple device, most likely a cell phone, that was trying to get an IP from VLAN 4. I wonder if it's because some strange config on the phone itself? We have had some contractors working in our shop on a new piece of equipment.
... View more
10-05-2021
10:12 AM
Hey @BrandonS - sure did. The second screenshot above is what you find there. Not much to go on.
... View more
10-05-2021
05:45 AM
Morning everyone. Has anyone seen a situation where access points report a DHCP problem with a VLAN that doesn't exist? I have a site that is reporting a problem with some clients not being able to receive IP addresses from VLAN 4. The problem is, VLAN 4 does not exist in the environment. I have looked everywhere on devices in this network to make sure that VLAN 4 is not configured, and sure enough I can't find it anywhere. This does not impact performance in any way, since clients are receiving IPs from the correct VLAN. I'm just curious where this might be originating from more than anything. There also does not appear to be any way to clear the notification, either. Has anyone else seen this happening? Thanks. Twitch
... View more
09-24-2021
09:20 AM
1 Kudo
@Paul421- that's the exact issue we have been having as well. Our wireless clients get the same DHCP as the wired clients - same DNS as well - but the wireless mobile devices could not connect to wifi and reach the internet. Only mobile devices, though, which is even stranger. I could connect to wifi on my laptop and it worked okay. My cell phone, however, and other user's phones, and iPads - no joy. Connected without internet. Truly bizarre.
... View more
My Top Kudoed Posts
| Subject | Kudos | Views |
|---|---|---|
| 7 | 658 | |
| 7 | 23934 | |
| 5 | 292 | |
| 3 | 2742 | |
| 3 | 10190 |
