The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About Guillaume6hat
Guillaume6hat

Guillaume6hat

Here to help

Member since Mar 5, 2019

‎02-14-2022
Kudos from
User Count
PhilipDAth
Kind of a big deal PhilipDAth
2
Thibaut-Matzke
Thibaut-Matzke
1
Network-dad
Network-dad
1
BrechtSchamp
BrechtSchamp
1
RaulR
Meraki Employee RaulR
1
View All
Kudos given to
User Count
Kamome
Kamome
1
View All

Community Record

10
Posts
17
Kudos
0
Solutions

Badges

ECMS2
CMNA
Meraki FIT Level One
Meraki Master
First 5 Posts
First 10 Kudos View All
Latest Contributions by Guillaume6hat
  • Topics Guillaume6hat has Participated In
  • Latest Contributions by Guillaume6hat

Re: Filtering on exact match

by Guillaume6hat in Developers & APIs
‎02-14-2022 12:11 AM
‎02-14-2022 12:11 AM
You're right. That is also not perfect  😅   If there could be an option on the dashboard to have an exact match as well, like putting in double quotes for example, that would be awesome. ... View more

Filtering on exact match

by Guillaume6hat in Developers & APIs
‎02-11-2022 07:36 AM
2 Kudos
‎02-11-2022 07:36 AM
2 Kudos
Hello,   I discovered (while having an issue), that the result of Filtering was not what I wanted. I wanted to get all networks having the tag "MYTAG"   So, I used https://developer.cisco.com/meraki/api-v1/#!get-organization-networks , using the tags filter, it worked like a charm. Then one day, I realized I had more networks than expected. Indeed, it also contained sites with the tag MYTAG-NEW. It was for future migrations, so bad surprise.   It seems the check on tags is done with "contains". Should not the call return only exact tag match, with a full string compare ?    Maybe add an option, like for tagsFilterType : tagsFilterMethod, could be "exactMatch" or "contains". Or by default to be exact match, and using a '*' char if we want to match something else.     Thank you     ... View more

Re: Community Challenge: The Impossible Fix

by Guillaume6hat in Community Announcements
‎06-19-2020 01:25 AM
1 Kudo
‎06-19-2020 01:25 AM
1 Kudo
I needed to test third party VPN to DataCenter ASA from a MX remote site, as workaround solution. As the encryption domain for 3rd Party VPN was the same as the MX in DC, I was stuck, it was not possible to do it on the same organization without impacting all sites.   Another idea came to me. I had a MX cluster for tests purpose, with MS behind, and a computer. But as it was the Covid lockdown, I was not able to do any change physically. I first disabled and changed the Vlan Id on the Switches for ports connected to the MX2, then removed MX2 from network and unclaimed it from Prod Organization. Then claimed it and added it on another network, in a Preprod Organization. MX2 came back up in seconds, with new config, new subnet, and configured 3rd party VPN was UP. I was then able to change the switch port connected to my remote computer to the new Vlan Id, and activate the MX2 LAN ports. I found the DHCP IP of the computer in the Dashboard, and I did all the tests I wanted with VNC.   As tests were successful, I then switched back to the normal state, disabled LAN ports and changed Vlan Id, removed and unclaimed MX2 on Preprod Organization, claimed it on Prod Organization, added as Warm Spare, activated LAN ports, switched back Vlan Id for the computer. Again, my cluster was 100% functional in a few seconds.   From a MX Cluster, to 2 differents MX, in different networks, in different Organizations, testing on a computer, and then back to a MX Cluster, without any physical intervention, that was awesome !  😁 ... View more

Re: Updated Topology Icons

by Guillaume6hat in Off the Stack
‎06-10-2020 02:29 AM
1 Kudo
‎06-10-2020 02:29 AM
1 Kudo
This is strange, I downloaded it yesterday, and no sign of MG icon. Just checked again in the zip, nothing. I just downloaded it again, and now it's ok.   Well, thank you, I now have what I need 🙂   ... View more

Updated Topology Icons

by Guillaume6hat in Off the Stack
‎06-10-2020 01:12 AM
‎06-10-2020 01:12 AM
Hi Community !   I found this set of icons : https://meraki.cisco.com/blog/2018/12/our-topology-icons-speak-volumes/   This is really nice to do some Meraki style schemes, but it's missing the MG icon. Is there an updated set ? Is it possible to get this missing icon somewhere ?   That would allow me to have all the Meraki devices with the same type of icons.   Thank you ... View more

Re: Community Challenge: Folding@home

by Guillaume6hat in Community Announcements
‎05-14-2020 05:28 AM
‎05-14-2020 05:28 AM
I'm in !  I'm folding as:  gsauvage6hat ... View more

Re: Sharing experience - Tag Based IPsec VPN Failover

by Guillaume6hat in Developers & APIs
‎12-18-2019 03:16 PM
1 Kudo
‎12-18-2019 03:16 PM
1 Kudo
You can create empty networks 😉 Just create one, and then you can assign tags. I met a limit, if I remember correctly, this is 256 char limit, for all tags on a network. Then I created a second fake site for tags ... View more

Re: Sharing experience - Tag Based IPsec VPN Failover

by Guillaume6hat in Developers & APIs
‎12-18-2019 01:44 PM
‎12-18-2019 01:44 PM
Hi   I had the same issue, you have to assign the tag before to a network. As a workaround I created a network : Z_FakeSite_For_Tags, on which I added all tags I needed.   It should help you I think.   Don’t hesitate if you need more details ... View more

Re: Sharing experience - Tag Based IPsec VPN Failover

by Guillaume6hat in Developers & APIs
‎04-26-2019 02:42 AM
‎04-26-2019 02:42 AM
Hi,   I saw that errors 2 and 3 were corrected on the online documentation, good to see it's useful to participate 🙂   There is still the line 12 regarding WAN1. It should be "==" not "!=" , otherwise it will skip all WAN1 checks and only check WAN2, if existing.   -> if network['ip'] != '8.8.8.8' and network['uplink']=="wan1":   It could also be done directly in the API URL, line 4 : url = 'https://api.meraki.com/api/v0/organizations/<org_ID>/uplinksLossAndLatency?uplink=wan1 ... View more

Sharing experience - Tag Based IPsec VPN Failover

by Guillaume6hat in Developers & APIs
‎04-15-2019 06:34 AM
12 Kudos
‎04-15-2019 06:34 AM
12 Kudos
Hi all !   Sharing experience with community regarding a specific case ! We needed a failover solution for Zscaler VPN tunnel, in case of connectivity issue on primary Zscaler node.   Meraki provided this solution, based on Tags : https://documentation.meraki.com/MX/Site-to-site_VPN/Tag-Based_IPsec_VPN_Failover   At first, it was a little difficult to understand, but then I realized there was some errors in the documentation. I may be wrong, but here is what I think :   Line 12 : uplink must be equal to wan 1, not different. We'll see later, but for that, we can also specify it in the URL requested. Line 26 : There are brackets missing for print function  : print("Need to change VPN, recent loss - "+str(iteration['lossPercent'])) In the site to site configuration screenshot, both tags must be Up. The script change tags on Networks, Always one UP and one DOWN, not on VPN tunnels. If one is UP and the other is DOWN, the network will match both, it will not work.   That was very useful, and provided a quick solution. But then, I had a lot of limitations with this script, so I enhanced it :    There can only be those tags on network, in positions 1 and 2. When a Swap occurs, all other tags are lost. I used an array to keep all tags except Zscaler related, to add them again after.   In HA, the two devices are processed. So in the event of a slight difference between metrics, we could have issues. I had this case : Issue on Primary Zen, so Swapped to Backup Zen. After 5minutes, all results for member 1 are ok, so it swapped back to Primary, and then, going through member 2, which still has a metric above the threshold, which resulted in a Swap again to Backup Zen. Example, loss results returned by API : Member1 : Loss = 29 (Below threshold, Swap back to Primary) Loss=0 Loss=0 Loss=0   Member2 : Loss = 31 (Above Thresholh, Swap again to Backup) Loss=0 Loss=0 Loss=0   Solved by keeping the last Network processed in a variable, and to skip if it is the same.  -> I didn't found a solution to get "Master/Slave" status with API, so I could check only the Master. Is it possible ?   It only skips if monitored IP is 8.8.8.8. Added an array with IPs we want to skip. Could also do the opposite, by specifying Monitored IP in a ipToInclude for example.   Added "Latency" metric check in addition of "Packet Loss"   Added a ZEN_Forced tag part, to have the possibility to force a ZEN in the dashboard. In case this tag is added, the script will skip the checks for this network.   One of the most problematic part was that this script needed to run permanently, and in case of issue, we would lose the "Network Down" information, and then, after another run, there would be no Swap back to Primary. I added a "ZEN_Swapped" tag, to keep information. Script can then be run on one time basis by removing the While loop and sleep.   I'm sure it's not perfect, and needs more improvements, but if it can help someone... 🙂 It could be good also to update the Meraki Documentation with corrections, and why not some of these changes to the code.     Regards,   import requests, json, time api_key = '' org_id = '' #Specify monitored IPs to exclude from the script, typicaly all non Zscaler IPs you monitor ipToExclude = ['8.8.8.8','8.8.4.4','208.67.220.220','208.67.222.222'] url = 'https://api.meraki.com/api/v0/organizations/'+org_id+'/uplinksLossAndLatency?uplink=wan1' header = {"X-Cisco-Meraki-API-Key": api_key, "Content-Type": "application/json"} previousNetwork = "" while True: response = requests.get(url,headers=header) for network in response.json(): tagsAfter = [] #Array with final tags tagsString = "" #String with final tags if network['ip'] not in ipToExclude and network['networkId'] != previousNetwork: skipNetwork = False network_info = requests.get("https://api.meraki.com/api/v0/networks/"+network['networkId'], headers=header) print("-------------------------------------") print("Network Name : "+network_info.json()['name']) print("Network Id : "+network['networkId']) print("Device Serial : "+network['serial']) print("Monitored IP : "+network['ip']) loss=False tagsBefore = network_info.json()['tags'].split(' ') swapped = False #We get all tags of Network, and specificaly Primary and Backup ZENs. If there is a ZEN_Forced tag, we stop for tag in tagsBefore: if "ZEN_Forced" in tag: skipNetwork = True if "ZEN_Primary" in tag: primary = tag print("Primary ZEN : " + primary) elif "ZEN_Backup" in tag: backup = tag print("Backup ZEN : " + backup) elif tag == "ZEN_Swapped": swapped = True else: tagsAfter.append(tag) if skipNetwork: print("ZEN Forced, skip network") break #We then check connectivity Health, and if conditions are not met, we Swap Backup and Primary, and add a ZEN_Swapped tag for iteration in network['timeSeries']: if iteration['lossPercent'] >= 30 or iteration['latencyMs'] >= 100: loss=True if swapped == True: print("VPN already swapped") break else: print("Need to change VPN, recent loss - "+str(iteration['lossPercent'])+"% - "+str(iteration['latencyMs'])+"ms") tagsAfter.append(primary.split("_Up")[0]+"_Down") tagsAfter.append(backup.split("_Down")[0]+"_Up") tagsAfter.append("ZEN_Swapped") for tag in tagsAfter: tagsString+= tag + " " print("New List of Tags : "+tagsString) payload = {'tags': tagsString.strip()} new_network_info = requests.put("https://api.meraki.com/api/v0/networks/"+network['networkId'], data=json.dumps(payload), headers=header) break #If connectivity Health is back to normal on Primary we swap back if loss==False and swapped == True: print("Primary VPN healthy again..Swapping back") tagsAfter.append(primary.split("_Down")[0]+"_Up") tagsAfter.append(backup.split("_Up")[0]+"_Down") for tag in tagsAfter: tagsString+= tag + " " print("New List of Tags : "+tagsString) payload = {'tags': tagsString.strip()} new_network_info = requests.put("https://api.meraki.com/api/v0/networks/"+network['networkId'], data=json.dumps(payload), headers=header) previousNetwork = network['networkId'] print("Sleeping for 30s...") print("#####################################") print("#####################################") time.sleep(30) ... View more
Labels:
  • Labels:
  • Code Sample
  • Dashboard API
Kudos from
User Count
PhilipDAth
Kind of a big deal PhilipDAth
2
Thibaut-Matzke
Thibaut-Matzke
1
Network-dad
Network-dad
1
BrechtSchamp
BrechtSchamp
1
RaulR
Meraki Employee RaulR
1
View All
Kudos given to
User Count
Kamome
Kamome
1
View All
My Top Kudoed Posts
Subject Kudos Views

Sharing experience - Tag Based IPsec VPN Failover

Developers & APIs
12 6596

Filtering on exact match

Developers & APIs
2 488

Re: Community Challenge: The Impossible Fix

Community Announcements
1 5837

Re: Updated Topology Icons

Off the Stack
1 2130

Re: Sharing experience - Tag Based IPsec VPN Failover

Developers & APIs
1 5400
View All
Powered by Khoros
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Privacy Settings
  • Terms of Use
© 2023 Meraki