Hi ICSU Interesting post I was wondering if it works the rules you applied. Did you see any improvement?   ... View more

@jbhehoman actually, the options disappear if you don't have a syslog server setup. I just noticed that. ... View more

We had this same issue with a MS-120-48 port. There weren't any reported issues, but we swapped out a few cables and the errors were still showing up. Meraki ended up sending us a replacement and that device has been error free.  ... View more

Thanks i'll give it a try and let you know ... View more

One option that may work is would be to use a Group Policy (network wide > configure > group policies) for the special users that should be able to access the site. Put website.com/login in the whitelisted URL section for that group policy, but also include website.com/login in the blocked URLs under the regular content filtering page. The whitelisted pattern in their group policy should take precedence over the blocked pattern. ... View more

If you want all remote sites' participating vlans to access the subnet at HQ: Example: HQ Subnet: 192.168.1.0/24 Remote Site 1 Subnet: 192.168.2.0/24 Site-to-Site VPN rule: Allow Any (protocol) Any (src) Any (port) 192.168.1.0/24 (dest) Any (port) Site-to-Site VPN rule: Deny Any (protocol) Any (src) Any (port) Any (dest) Any (port) This would block traffic originating at HQ destined to the remote sites unless you specify that with another allow rule before the Deny Any. ... View more

I've filled out the 'Make A Wish' for this same reason. I like the idea someone mentioned about using detect instead of prevent, but we have too many networks to do this manually each time.  ... View more