About cmr

cmr

@shauno I think you are correct, in that devices that cannot run 15.x will not be able to run 16.x where AnyConnect support comes in. I'd also eager that until more people upgrade their MXs to 15.x we'll still be waiting...

cmr

@rledsti if you look at the live uplink stats, are they correct? If so, when you go to the Summary Report how does that look? Another element to consider is the firmware version, are you running 15.42 or an older release?

cmr

Summary report is your friend, you can select the network with the Z1 and you should get something like this (though possibly not so upload heavy!):

cmr

@Bruce is this the sort of API you are talking about...?

cmr

The only custom DHCP options we have are: The first is our internal domain, the second is the CUCM TFTP servers.

cmr

Are you using IPSEC VPN from the MX68 to the DC, or Meraki Auto-VPN? If not could you change to use Auto-VPN? We have 8 sites with Auto-VPN and Cisco 88xx handsets talking to a central CUCM server. We also have three home users with Z3/small MX that have 88xx handsets too.

cmr

It can't go out through the MX at HQ if the MX WAN port is connected to the MPLS, you'd need it to be a LAN port. However if it is a LAN port then Auto-VPN cannot form as that needs to be WAN port to WAN port. Therefore you either need an MPLS with internet (this could be provided by having the MPLS terminated on an HQ L3 switch, the WAN port of the MX connected there along with another device that presents internet access to the MPLS) or you need the HQ MX in concentrator mode.

cmr

A flask would be nice, perhaps a laptop sleeve as well in 13" and 15" at least.

cmr

That's the Ci$co way... 😇

cmr

@Newbie99 yes, each WAN link needs internet access as far as I know.

cmr

@Newbie99 there has to be a way for the WAN ports of the MXs to get to the internet. So with your MPLS it needs internet access either through the carrier or you'd need to out a device on it to provide internet access through an existing connection.

cmr

We have a stack of MS355s running 14.15 and the 100Gbps stack ports are apparently running at 10Mbps according to the dashboard...: As you can see they clearly are running faster. On an MS225 running 14.12 the dashboard information is somewhat different in quality:

cmr

@ZeeBoussaid Do you route the traffic via an interface on the MS225, do you trunk it to another switch, or is the traffic taken out of an access port towards the servers?

cmr

@ZeeBoussaid have you set the voice VLAN on the switchports?

cmr

@mikeset116 are you still on 25.13, or have you upgraded the APs to 27.6?

cmr

Shards 184 and 199 are okay when accessing from the UK, no issues over the last week or so.

cmr

@TommyYap if you have some managed switches then you can at least start to divide traffic into separate VLANs by having one of them directly connected to the MX. You could then have the unmanaged switches hanging off that in their own zones.

cmr

Congratulations everyone and @ww welcome to the club 🍾

cmr

What mode is the wireless in, bridge mode, layer-3 roaming or something else?

cmr

@TommyYap You can only have one VLAN on an unmanaged switch, so where an unmanaged switch is connected to the MS350 you would set that port to access mode (single untagged VLAN). I would configure the port on the MS350 and have that do the routing with it connected via a single VLAN to the MX250. In my example if you set a port to VLAN2 then yes you will need to change the static IP address on the device connected to it to be in the 172.18.0.0/16 range. I would create a second DCHP pool on your existing server and set the helper address on VLAN2 on the switch to point to the server. Alternatively you can use the switch as a DHCP server itself for VLAN2 (or indeed VLAN 1 as well if you wished to).

cmr

I'd put a cable tester on the cable, you could have one pin shorted to another or oxidation on one of the pins, either way different devices will react differently. The MR could have dropped down to 100Mb/s (dark green on core switch port in dashboard), but the MS might not be set to allow negotiation down below 1Gb/s. I recently had an issue with some cabling I did where I had a short between pin 3 (B, so the positive data signal for one direction) and the shield that allowed an IP phone or AP to work, but only at 100Mb/s...

cmr

@mikeset116 reduce the max power, for some phones 17dB is as much as they can transmit. If that leaves blackspots try steps down from your current max of 25 to find the best compomise.

cmr

@Newbie99 there are essentially only two options for SD_WAN over MPLS remote sites connect a WAN port to the MPLS and central site is in VPN concentrator mode remove sites connect a WAN port to the MPLS, central site connects a WAN port to the MPLS and MPLS has internet breakout. This is because the Meraki datacentres need to see traffic from all of the WAN ports coming from the same public IP address to enable the forming of the SD-WAN connections using the private IP addresses. Any deviation from this will lead to hair-pinning from one public IP address to another if it works at all.

cmr

The main requirement is that the switch connected to the MX needs to be in routing mode, an MS210, MS225 or any MS3/4 should do.

cmr

@BlakeRichardson yes, absolutely right, we have lots and only some gets recognised and the rest fills most of the rest of the top 10...

cmr

Community Record

Badges