Hi Stoerfaktor, In the end, nothing was done, but we were informed that the problem no longer occurred and the issue was closed. Thank you very much. ... View more

Just another update on this - we removed the MS250 switch and connected the MX250 directly to the ISP with the same result on the Local Status page - Internet access but cannot connect to the Meraki cloud - we left it for 15 mins and then decided to power cycle the MX250, and that seemed to kick start it to eventually registering on the dashboard.  We connected the Layer 3 MS250 switch in between the MX and ISP, same as the test setup that was failing last week, and this time the MX registered. We had another MX250 for a warm spare setup and it was exhibiting the same initial issue connected through the MS250 - this time we did not connect it directly to the ISP but just power cycled it and it registered OK - we did not power cycle the MX250's last week but we did factory reset the first one, which seems to have not provided the required kickstart. Speaking with Meraki support, they mentioned that the Unknown CA alert occurs sometimes if the ISP is doing deep inspection, which may cause it to use it's own certificate for the tunnel, and power cycling or factory resetting should resolve that - not expected to be a recurring problem once the MX250 eventually registers.     ... View more

Hi NesAlba, thanks for your answer. Unfortunately Port Management Privileges are defined per network, and therefor can only be assigned per network and user. They cannot be set on tags. Also, the tags from the switchport are not the same tags you can set rights on in the UpdateOrganizationAdmin, those would be the tags from the network. ... View more

There may be a way.... But it depends if you want to run beta.   https://documentation.meraki.com/MX/Networks_and_Routing/Source_Based_Default_Routing   Tom ... View more