Meraki

ww · ‎Jul 30 2020

https://meraki.cisco.com/lib/pdf/meraki_whitepaper_mx_sizing_guide.pdf

ww · ‎Jul 28 2020

Yes New ssid and New vlan. Then create firewall rules that this vlan/subnet can not access your lan subnets. (Also possible using a group policy and attach it to the vlan.)

ww · ‎Jul 24 2020

In that case you have to advertise the 10.32.0.x and 172. subnet at the hq. At the autovpn settings > Local networks

ww · ‎Jul 24 2020

Hq mx is in routed mode? You have a simple network drawing? Not sure if your hq is behind asa,coreswitch or both.. On the hq mx you create a route for 172.30.x.x to the next hop (ip of the coreswitch 10.32.0.??? ) , and you select advertise this route in vpn. The coreswitch knows the way(routing table) to 172.30.x.x and 10.32.18.x ?

ww · ‎Jul 16 2020

https://documentation.meraki.com/zGeneral_Administration/Support/Resetting_Cisco_Meraki_Devices_to_Factory_Defaults

ww · ‎Jul 16 2020

Try factory reset one at home. Check the home router if it give out a dhcp lease for that mr33

ww · ‎Jul 13 2020

Put them all on allow and see if it works. (To check if its a fw issue) The ise does not push any rules?

ww · ‎Jul 13 2020

10.128.128.128 is a meraki AP ip. any fw rules configured?

ww · ‎Jul 10 2020

No bgp routing in the meraki switches

ww · ‎Jul 7 2020

No, but its also not a problem or is it? Your provider next hop is 2.2.x.x. you have to ask your wan2 provider for details. They maybe use this kind of ip to save public ip space. Or they want to avoid the possibility that your mx wan2 uplink is in the same range as one of you private range lan subnets. Your wan1 has a real public routable ip. Thats why the local (uplink)interface and wan1 shows the same ip

ww · ‎Jul 7 2020

Not in your device. Your provider does it in his network

ww · ‎Jul 7 2020

166.140 is the ip meraki dashboard is receiving data from. 2.2.2.2 is you private (or public) real local interface adres, in this case its doing nat somewhere.

ww · ‎Jun 27 2020

It looks like your mikrotik supports more then 1 IP on the interface/default vlan. Meraki only support 1 IP/subnet for each vlan interface. So you need to (re)design your network based on vlans

ww · ‎Jun 26 2020

Where are the clients connected and what vlan is on the access port and on the trunk port connected to the mx? What ip and gateway has client 1 and ips1 ?

ww · ‎Jun 23 2020

The second solution i gave you should also work

ww · ‎Jun 23 2020

Highest vlan in vpn https://documentation.meraki.com/MX/Other_Topics/MX_and_Z1_Source_IP_for_RADIUS_Authentication

ww · ‎Jun 18 2020

No

ww · ‎Jun 12 2020

I assume pa2 takes over the Ip of pa1.(vrrp)

ww · ‎Jun 11 2020

There are some other topics about this. however at some switch types this works or worked before and some types do not work at all, but its recommended to have the management ip of the svi/core switch in the uplink subnet. https://community.meraki.com/t5/Switching/Management-VLAN/m-p/19025

ww · ‎Jun 8 2020

You just corrected it or was it already the same? What does the "raw" info at cdp/lldp say?

ww · ‎Jun 4 2020

If you connect it using layer2 vlans to the mx its no different then now. The layer3 interfaces stay en on the mx. Vlan 1 and 95 can only communicate when the traffic passes the mx (or not with firewall rules in place). Proposed scenario 1 is the quickest to test. If that works, its probably best to config scenario 2 as solution

ww · ‎Jun 4 2020

Can you disconnect Port 9 of mx2. And then try connect mx2 to your stack again Or Connect the server at vlan 95 to the stack and add vlan 95 to the trunk to the mx. (And Disconnect both 95 cables of the ms120)

ww · ‎Jun 4 2020

At the switch currently 1 Port is stp blocking? How are the ports that connect mx and ms425 configured ?

ww · ‎May 29 2020

I did not test this. But it should work using the wan1 Port https://community.meraki.com/t5/Security-SD-WAN/VLAN-Config-on-Singled-Armed-concetrator-for-SSID-Tunneling/m-p/66929#M16845

ww · ‎May 19 2020

Its just a management/ alerting setting. You can set it at the switch settings

About ww

ww

Community Record

Badges