- About Twitch
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Community Record
31
Posts
9
Kudos
0
Solutions
Badges
a week ago
Hey RouterGuy - vanilla config. The link between the two switches is a trunk with native VLAN 1 on both sides. No other VLANs. Nothing special configured on either switch at this point. Out-of-the-box and plugged-in, literally. I've just never seen an issue like this with a cable that works fine for another device, but not the one you're trying to get connected. Also, both switches are MS210-24's, so no legacy equipment involved.
... View more
a week ago
Hey gang - I had a really bizarre situation yesterday that defied explanation, and I'm wondering if anyone has experienced something similar. I recently installed a new MS210-24P as an MDF switch. This switch connects directly to the MX and out to the dashboard without any problems. This switch also has a cable that runs across the shop to an IDF. When I attempted to install a second MS210-24P at this IDF I could not get a link light on this switch. Thinking that the cable run may have an issue - poor termination, break in the cable, etc - I connected the same cable to an MR74 which promptly powered-on, reached-out to the dashboard and received its configuration, and connected wireless clients to the network and the Internet without any problems. The connection was, in fact, excellent, which ruled-out any issues with the cable run and termination. The same IDF switch did the same when connected directly to the MDF switch with a patch cable - it worked fine, link lights and all. Has anyone else seen a situation like this? Or has our network just taken a trip into Bizarroland? Why would one device connect without any problems but another device connected to the same cable can't connect at all? I have seen issues like the in the past, many moons ago, when dealing with 568A vs 568B or straight-through vs crossover, but nothing in recent memory. Thanks. Twitch
... View more
3 weeks ago
1 Kudo
I was finally able to get a seat in ECMS1, and the seat in ECMS2 will follow shortly thereafter. I'm looking forward to it very much!! Don't give up trying if you're still waiting for a seat. It's taken me about a year, but finally, I have a Golden Ticket. 🤣 Also, I found this on the Cisco Learning Network. Apparently the ECMS1 and ECMS2 courses are available for a fee. If I'm late to the game here and everyone already knows about this, I apologize. It's new to me, so I figured I would share just-in-case: ECMS1: https://learningnetworkstore.cisco.com/on-demand-e-learning/engineering-cisco-meraki-solutions-part-1-ecms1-v2-0-elt-ecms1-v2-025267 ECMS2: https://learningnetworkstore.cisco.com/on-demand-e-learning/engineering-cisco-meraki-solutions-part-2-ecms2-v2-0-elt-ecms2-v2-025268 The prices aren't "break the bank" either, which is great. Cheers! Twitch
... View more
01-28-2021
06:04 AM
Hey @Bruce - so is it safe to say that I can use a private IP address, say 172.16.1.x /24, on the WAN ports of the remote site MXs and they will still be able to reach the Dashboard via our data center MX Internet connection, and that NAT will then translate that private IP to a public IP which gives the remote MXs Dashboard connectivity? Reason I ask is that our MXs at all sites currently have a public IP assigned to their WAN ports with direct internet access. Once the VPLS is live, the remote MX's traffic will travel through two designated primary sites to access the Internet, and will be using private IPs instead of public IPs. We're hoping to drop the internet service at all remote sites and only need to maintain active internet connections at our two primary sites. Thanks for your help! Twitch
... View more
01-23-2021
04:57 PM
1 Kudo
@cmr Aha! I see. So basically, I can conceptualize VPLS as a bunch of routers plugged in to a single central switch, with all of the routers having an IP in the same subnet, all sharing the same VLAN ID? That ain't so bad, then, is it? Great call on spacing the IPs out. We currently have one MX at each site, and I am pushing hard to get rid of that single point of failure, especially here at the DC. The network is a work in progress. I really, really appreciate the help and advice. Thanks!! Twitch
... View more
01-23-2021
05:37 AM
Thanks @Bruce @cmr. Would it be correct to say, then, at least from a high-level view, that I can assign each site a new private IP range assigned to the MX as the VPLS interface, place that interface in its own VLAN, route the private range with OSPF, and as long as each site knows a route to the internal networks located at each site, the VPLS will simply pass the traffic inter-site, much like frame relay did "back in the day?" We don't want to change the IP range assigned to the internal networks, hence my desire to add another subnet just for the VPLS and rely on INTER-VLAN routing to pass the traffic. The remote sites will come through our office for Internet access, which is a 1 Gbps link. The VPLS links right now will be 100 Mbps to start with. At our office, I can either extend the demarc directly to our MX100, using one of the LAN ports (port 8, for example), bypassing the switches, or I can connect to a switch first, then connect from the switch to the MX. Are there advantages for one over the other? I'd prefer to go straight to the MX. The WAN port on our MX will stay as it is because it's our (and the remote sites once the VPLS is in running) Internet connection, hence my desire to use an MX LAN port. At the remote sites, based on what you guys have said, I can use the WAN port to connect the VPLS since all of their traffic will come back through our office anyway. Does that setup make sense? I have a clearer picture in my head now. At least I think I do... Thanks again! Twitch
... View more
01-22-2021
02:04 PM
Hey gang - my company ordered a VPLS circuit a while back and two of our site's circuits are completed and ready for us to connect to our network. The challenge is that I can't find any information about how to configure VPLS from a customer perspective - everything I find is related to service provider edge and within the service provider network configuration. I can't find anything from our (end-user, if you will) perspective. I called tech support for our VPLS provider and that was zero help - they basically told us to hire a consultant. I myself do not have any experience configuring MPLS or VPLS, both technologies have not crossed paths with me during my career, but I don't want to look like a total incompetent who is unable to get this circuit working. So, can anyone point me to a Meraki configuration guide or document that could help me bring this circuit to an up/up state? It is my understanding that VPLS is a layer 2 technology, so, from the demarc device I would assume that I would connect from the user (hand-off) port to a switchport on one of my MDF switches. Is this assumption correct? If so, is there any configuration required on the switchport, considering that VPLS is MAC based and learns the network paths via MAC addresses, if I am understanding that correctly. (I do know that if I plug a Cat 6 cable into the demarc device and one of my switches the connection comes up, but what's required behind the scenes remains a mystery...) Are IP addresses required? If so, I'm going to assume I need to tie the MX into this configuration. (But, if it's a layer 2 technology, why are IP addresses required?) All this new-fangled technology... I'm hoping that someone will have the Magic VPLS Configuration Guide out there, or some great advice to help an old guy out. I sure would appreciate it. Thanks!! Twitch
... View more
01-22-2021
09:22 AM
Well lookie there. I just learned something. Thanks for the documentation link. That page is very helpful. 👍
... View more
01-22-2021
09:03 AM
You wouldn't think welding machines would need to be connected, but they are! At least here. Lincoln Electric has a program that allows us to track the usage and performance statistics. I work for a major structural steel fabricator (we build the giant erector set pieces that are used to build skyscrapers). The data that is collected is invaluable to improving production. Truly a segment of the Internet of Things.
... View more
01-22-2021
08:47 AM
I'm with you on this one @Dustin_Hollis. We use network tags exactly as you are describing - to control the broadcasting of a specific SSID for our wireless bridge APs that connect the shop Lincoln Electric welders to the network. The tag allows the wireless bridge APs (MR30Hs) to broadcast the BRIDGE SSID while ignoring our other production SSIDs. This allows us to get the welders on the network without having to run cables to them, and also prevents nearby wireless clients from connecting to the MR30Hs that we want to use exclusively for the welders. I don't see the answer listed anywhere officially yet, but I'm with you that number 2 is correct.
... View more
01-19-2021
12:49 PM
1 Kudo
I'll take @BlakeRichardson 's water bottle if he doesn't want it. 😀 Survey submitted.
... View more
12-21-2020
09:09 AM
Thanks @cmr. Considering that our Internet edge is effectively moving to our Virginia location, would it even be necessary for us to maintain MXs at each of our remote locations, or could we just run switches alone there? I'm still not clear about how the VPLS service will terminate into our equipment with regard to port type - will it need an Internet port (in which case we would need to keep our MXs), or can it terminate into a standard switch port since VPLS is Layer 2 aware and does not use Layer 3? That is, if I'm understanding it correctly... If I'm able to reclaim those MXs from the remote sites, then I can implement MX failover at other sites since I will have gained redundant MXs.
... View more
12-21-2020
08:38 AM
Thanks everyone for the replies. I have a question regarding the single IP address - we have multiple locations in several states that will be connected to the VPLS service. Traffic from the remote sites will be traveling through our main location in Virginia to reach the Internet. Is it safe to assume that our public IP at our main office will become the IP of all Meraki devices as it relates to the Meraki cloud? I have zero experience with MPLS and VPLS, so I am playing a game of catch-up in terms of understanding the technology and what needs to be done on our end to make this transition to VPLS go smoothly, so I appreciate your advice very much. Thanks, guys. Have a great day. Twitch
... View more
12-17-2020
07:34 AM
Hello to the Crew - I have a question regarding implementing VPLS with Meraki devices. I have very limited knowledge of VPLS, and materials seem to be sparse, though I am finding some on the Cisco sites, but articles specific to Meraki implementation are few and far between. We are transitioning our connectivity between remote sites to VPLS in the very near future. Our current environment runs an MX at each site along with MS switches. My understanding is VPLS is a layer 2 technology that utilizes MAC address translation to determine network paths, basically a layer 2 WAN if I am understanding it correctly. What typically is done Meraki-wise to configure the VPLS interface? Is there any specific configuration, port settings, etc., that are required? I do not yet have specifics from our VPLS service provider. I'm just trying to get ahead of the curve, so to speak. If anyone has info, or links to material, I would be grateful. Thanks! Twitch
... View more
12-14-2020
07:59 AM
Hey Darren - that's crazy, but par for the course. Folks just don't think about the environmental conditions when it comes to technical equipment. You can talk until you're blue in the face about it, but the negative impact never reaches the gray matter on the receiving end. By the time they finally realize the extent of the problem, it's too late. Thanks for the suggestion. I think that's exactly what I'm looking for. Cheers!
... View more
12-14-2020
07:30 AM
Hello to the crew. I was wondering if anyone can offer a recommendation for a plug to use in empty SFP ports to keep steel dust out of them? I work for a structural steel fabricator and our switches in the shop live a rough life despite our efforts to the contrary. I would like to close the empty fiber ports to protect them from the elements. The pic below shows how the steel dust builds-up around the ports, and it infiltrates every nook and cranny of every piece of technology we use in the shop. Sometimes I feel like this is the place where technology comes to die - it's just not tech-friendly. Even the racks with fans and filters are not able to keep the dust out of the switches. Any suggestions? I don't suppose there is an official Meraki plug available that is the exact dimensions? Thanks! Twitch
... View more
10-07-2020
12:13 PM
Thanks - it makes sense now. I was able to configure a tag that broadcasts production SSIDs and a tag that only broadcasts the bridge SSID. Traffic is now limited to the welders on the bridge. The Meraki interface throws me for a loop sometimes. I am an old school command line guy, and sometimes things don't "click" in my brain with the GUI interface. Well, the GUI is one thing, old age is another. They both gang-up on me on a daily basis. 😁 I appreciate your help! Twitch
... View more
10-07-2020
11:13 AM
Hey Karstenl - I used that option to only broadcast the bridge SSID on the AP that is going to use it. Looking at the options on the SSID Availability page, I do not see an option for This SSID is Disabled on Some APs, which is what I'm looking for. I will have to submit that to Make a Wish. It would just be easier to configure the few bridge APs to only use the bridge SSID instead of having to create tags and individually configure each AP in our environment across all locations. Perhaps it's just me, but it would seem that having the functionality to choose the SSIDs an AP should broadcast via the simple use of an SSID list with checkboxes next to each configured SSID would be the simple way to go. That way, when a new AP is being configured, you just choose the SSIDs you want to use for that AP, click Save, and it's done. Thanks for your reply! Twitch
... View more
10-06-2020
02:22 PM
Hello to the Crew - I have a wireless bridge question. I just installed an MR30H to provide a wireless bridge connection for two Lincoln Electric welders on our shop floor. The bridge is working perfectly. The two welders are connected to ports 1 and 2 of the 4-port switch, and I have two-way communication with the welders across the bridge from a nearby AP attached to the local LAN. I only want these two welders to talk across the bridge, but the bridge has also begun picking-up traffic from surrounding wireless devices talking on our other SSIDs. My question is this: Is there a way to only allow traffic from ports 1 and 2 and block all wireless access via the bridge AP from surrounding wireless devices? In other words, I want the radio active to talk to the nearby wireless gateway, but not to any other clients. The welders should be the only devices talking to the gateway. I cannot find a way to remove the non-bridge SSIDs from the config of the MR30H so that the only SSID talking is the bridge SSID. My apologies in advance if that is clear as mud. It's been a long day. I'm tired. I cannot claim to be thinking straight at this point, and caffeine is not helping. Thanks. Twitch
... View more
09-18-2020
06:25 AM
Morning everyone. I have a question for the crew: We are currently fighting a CryptoMining malware attack on one of our servers. In the process of fighting it and adding rules to the firewall to block IPs/ports, I noticed that on the Threat Protection page there is a series of Whitelisted Rules under Intrusion Detection and Prevention. I did not configure this MX, but I am responsible for it now due to a former co-worker's termination. I am trying to determine why these rules are whitelisted and what that means in terms of analyzing traffic. To me, when an item is whitelisted, that generally means it is allowed to come through, but based on the names of these rules, it appears that the traffic should be blocked instead. Here are some rule names: - Exploit-Kit Magnitude exploit kit embedded redirection attempt - Server-Webapp DrayTek Multiple command injection attempt - Server-Webapp Zeroshell Linux Router command injection attempt Will traffic related to these whitelisted rules bypass security, or do these rules serve some other purpose? The documentation I read didn't really provide much of an explanation of behavior. Should I leave this rules, or delete them? My concern is they were added by two former employees who are no longer with the company. Thanks for any help you can offer. Twitch
... View more
08-21-2020
09:45 AM
Hello all - I am continuously getting email notifications "There was a VPN connectivity change..." in our MX100. These emails indicate that the connected went down, followed by another email usually less than a minute later saying that the connection has come back up. When this happens, I do not get any reports from remote users that they are being kicked-off or losing connectivity. From their perspective the VPNs appear to be stable. I noticed in the Dashboard that I can turn these alerts on or off, but I cannot adjust the threshold for reporting that a VPN connection has gone down. I would like to continue receiving these alerts in case a connection actually does stop working, but at this point it's almost like the Boy Who Cried Wolf. Between 12:48 AM and 12:43 PM today I have received 32 separate emails reporting a VPN "problem." Has anyone else experienced this? If so, were you able to find a resolution? Could it possibly be a configuration issue with the VPNs? Is there a way to adjust the reporting threshold? I realize that it could also possibly be an issue with our WAN service providers as well between our corporate office and the remote sites. Thanks much! Jim
... View more
01-24-2020
07:27 AM
@MerakiDave - I don't have any Meraki swag yet, so starting with a comfy pair of 100% Cloud socks would be awesome! If you still have a pair, let me know. Thanks!! Twitch
... View more
01-24-2020
07:07 AM
2 Kudos
JD, you always give great answers. Thank you so much for putting all of that together. I really appreciate it.
... View more
01-24-2020
06:54 AM
1 Kudo
Don't need the demo. We have a large Meraki production environment that runs all of our plants across several states. Thanks for the responses, folks! I appreciate it.
... View more
01-23-2020
05:42 AM
1 Kudo
I'm curious - has anyone actually been able to attend the ECMS2 training? I have never heard a single reply to my multitude of requests for a seat since the training was announced. While the course is free I have a much better chance of justifying the trip to my company. Once Cisco puts the typical $2,000+ price tag on the course my opportunity to attend disappears like a fart in the wind. I have even had our sales rep who sold us our shiny new Meraki infrastructure get in-touch with his contacts at Meraki, and still nothing but crickets. Does the training actually exist, or is it a unicorn at this point, only available to a privileged lucky few? Thanks! Twitch
... View more
My Top Kudoed Posts
| Subject | Kudos | Views |
|---|---|---|
| 2 | 1026 | |
| 1 | 335 | |
| 1 | 222 | |
| 1 | 2029 | |
| 1 | 3894 |
