Here you go, one from yesterday. Swapped out old cisco's for Meraki MS225.      Before                 After ... View more

The most issues with the client VPN i have experienced are with devices behind NAT. Or just Windows being a pita (pain in the ass)   Client behind NAT devices Solution: Modern Windows devices do not support L2TP/IPsec connections when the Windows computer or VPN server are located behind a NAT. If the Windows VPN client fails with Error 809 when trying to establish a VPN connection to an MX located behind a NAT, add the "AssumeUDPEncapsulationContextOnSendRule" DWORD value to the Windows registry. This DWORD value allows Windows to establish security associations when both the VPN server and the Windows based VPN client computer are behind NAT devices.   For Windows Vista, 7, 8, 10, and 2008 Server: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\PolicyAgent  RegValue: AssumeUDPEncapsulationContextOnSendRule Type: DWORD Data Value: 2 If you configure the above delete the VPN, reboot and create the VPN again.    Cheers, Ben   ps: the above is one of the solutions in the link @BrechtSchamp  posted. But the one above is the most frequent i have encountered. ... View more

@PhilipDAth wrote: I think you are taking the wrong approach.   I would instead consider putting it Amazon AWS, Google Cloud or Azure, and moving it off premise.   Life will be much simpler. edit: keeping all options open! ;-)   But i'm with @PhilipDAth on this one!  ... View more

Not sure why you would need/want web caching nowadays? But to answer your question HTTP = Port 80 so this would not include HTTPS. ... View more

If i'm reading and interpreting your post correctly than yes that would work.  Just to be sure your setup is   MX  <---->   Cisco router  <----->  switch <----->  clients         Rgrds, Ben ... View more

I know Meraki has had issues with provider power on the MS220 series. There were issues in the past where the power supply became mis-identified by the switch. I think they resolved it via Firmware upgrades. Check your event logs on the switches for "PoE budget changes" Something like "PoE budget change PoE budget changed from 740W to 0W" ... View more

@bluecavalry  if it were fiber transceivers between the MS and MX that would matter.  I have several MS switches that do not have a clue being connected to an MX.    Now regarding your question about the lldp data. checked a network and here the switch is connected to LAN Port 4 of the MX100    System name Meraki MX100 - MX100 System description Meraki MX100 Cloud Managed Router Port ID 2 Chassis ID   Port description lan port 2 System capabilities   I have another switch on port 3 which is connected to lan port 1 (port 3 on the front of the MX) This is because LAN 2 is configured as internet. So i guess numbering depends on the fact of having 2 WAN Ports or not.   ... View more

Question, how is this MS device connected to the MX? UTP, Fiber? Rgrds, Ben ... View more

if you are sure that your ip configuration is correct sometimes it's best to wait it out. Or reboot the MX and it should register itself in the dashboard. Give it some time.   Sometimes it's the browser that "takes time" refreshing or showing the correct status.    Rgrds, Ben ... View more

@Liem-Thanh  it's an online webinar you can follow (for the ecms1) ... View more

If you allow the TCP traffic on port 45200 this should work.   Regards, Ben ... View more

It's quite hard to seperate the facebook and facebook workplace applications. As mentioned above perhaps it's time to look at something more enterprise grade software for collaboration. Cheers, Ben ... View more

@The_Livingstone  can u disable the pfs group and provide us with some feedback?     ... View more

Set the DHCP lease Time to 30 minutes in the evening when everyone leaves and wait.. That's how I handle this.    Cheers  Ben ... View more

I can't wait for the Cisco Meraki Solutions Specialist certification! But if the ECMS2 is coming anytime soon that would be great too!     ... View more

Can u post your config here of your VPN tunnel? This is a bit easier to help you out. make sure it's ikeV1 instead of ikeV2.   I'm not sure if the 1941 router has the same sort of configuration as a 2811 but here below you have a site to site documentation of this setup https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Cisco_2811_router_for_Site-to-site_VPN_with_MX_Series_Appliance_using_the_Command_Line_Interface     Cheers, Ben         ... View more

Hi,   I'm not sure how it all was setup but perhaps you can have a look here in the documentation and see if you can spot anything that is misconfigured.   https://documentation.meraki.com/SM/Device_Enrollment/SM_Enrollment_Authentication   I do spot this in the documentation If issues are encountered, ensure that the AD server used has the Global Catalog role enabled     ... View more

Congrats to the MOTM's ! It's a new years resolution of mine to spend more time here. Hope to free some time on my agenda soon to do so!     ... View more

  @PhilipDAth wrote: Pure speculation - but 14.x is being pushed out like craxy to MX.  Soon that means 13.x will dropp off as an option, which means 15.x can be added .... and 15.x has IKEv2. Are the firmware versions the same for all countries?  I keep thinking we are behind on versioning in EU..  Stable release candidate 14.39 but beta => coming soon without version numbers of features listed. ... View more

@Nyrenthia wrote: Ben, I do not agree with you ...     ______________________ Nyrenthia ShowBox-apk   And that's your full right. I guess you don't have customers needing source nat or any of the missing features. =)    Cheers, Ben ... View more

Where exactly are you trying to set this "target group"?   Cheers, Ben ... View more

Sometimes it can take a while, I noticed that sometimes the stream comes through when switching from Wireless to LTE or the other way arround..    These days I mostly operate the Meraki Dashboard from Google Chrome on my phone due to the 6inch screen my phone has now. =)    Cheers, Bne ... View more

haha, cats and IT gear. Somehow they are drawn to it...   ... View more