He's a gnome on his gnomio - he's looking for an appropriate buddy (its SF - no gender assumptions)     ... View more

I thought they were ZZ Top   ... View more

@marhill2 wrote:     Ubersee -  . .  . Also most Cisco boxes are complicated to setup when it comes to IPTV from a service provider, at least it was for me when I had AT&T Uverse. My work around was just to include the IPTV boxes into the native VLAN 1 and they worked fine.    Marcus   Thanks for your suggestion. I guess there are a number of ways of implementing multicast, and the Far East, Europe and North America do it differently. Despite being told by Meraki support that the MX won't handle BT's flavour of SSM IP TV, I have tried setting up some firewall rules, without success - e.g. an outbound rule that allows anything to 224.0.0.0/4, 109.159.247.0/24 (the ranges used by BT). Testing is simple, I use VLC Media Player on a workstation and then rtp://234.81.130.4:5802 - which is the unencrypted test channel. I know the switch is OK as I have used it with the BT POS "HomeHub" and it works.   All this is slightly more difficult for me as I'm not a network engineer, although I have several MNO clients, I tend to do strategy, Informatics and projects, so there is always somebody else to look after the configuration side. But I did quite a lot of packet capture and sent them off to the support folk at one of my previous Bay Area stack suppliers, to no avail.   By one of life's ironies, sitting in Meraki's UK office is the engineer who set up how the IPTV box was to interact with the multicast streams and all the required network infrastructure, unfortunately he is fully engaged working on the UK government's sclerotic IT infrastructure and heading up the Meraki phone technical side for Europe (can't come soon enough).   Cheers   ... View more

The MX/Meraki system could be really excellent as a home system, but it doesn't do Multicast properly which rather nixes home deployment as far as IP TV from SSM content providers. For parents, the ability to control the kids' mobile devices is ace, as is the integration of CCTV and VoIP.     ... View more

@marhill2 wrote: Its tough getting used to a GUI based platform when you have been in the CLI for so long. It's probably more difficult than giving up smoking. But worth it, as mostly fewer typos. ... View more

@PhilipDAth wrote: You can't use splash pages if you have Active Directory integration turned on.  Have you by chance got Active Directory integration enabled? https://documentation.meraki.com/MX-Z/Access_Control_and_Splash_Page/Access_Control that is a worthwhile reminder, thank-you. ... View more

Probably better to use something like x.x.5.5 to disguise real public IP addresses. ... View more

E-Plus used to be a German mobile network operator, they were merged with the Telefonica subsidiary O2 Deutschland. The IP numbers you have indicated are original E-Plus IP addresses 5.1.128.0 - 5.1.255.255 E-Plus Mobilfunk GmbH 5.4.0.0 - 5.7.255.255 E-Plus Mobilfunk GmbH ... View more

You have some E Plus numbers there? ... View more

With all manufacturers' products, I find everything works better if I turn off 802.11b compatibility. ... View more

10G copper transceiver or Cisco Multimode    If I have understood you correctly.       ... View more

Airlines solved this problem by consolidating on a few hubs to cut down on the number of different flight destinations. When I have a lot of peers, in a dispersed network, I usually build a ring with a handful of cross ring connects, and build in some routing smarts. ... View more

Thanks for your helpful reply. For home offices/professional office suites, silent (fanless) network devices are a godsend. Very often, this kind of installation involves putting switches into the (roof) space above a corner room (think boss's office and bedrooms). It would be really handy to have the option to power these using PoE, and (even) passing through to one or two RJ45s. ... View more

There is a Draytek router that has an LTE modem built in. It has all sorts of other useful features, and incidentally handles Source Specific Multicast, which the MX does not; so one may route the multicast round the MX direct to the switch. Plus it is full IPv6 ready. ... View more

There is a lengthy section in a Cisco document on the topic of IGMP query-interval.    EG -  The Cisco IOS software uses a default IGMP query interval of 60 seconds, which is different from the RFC standard default of 125 seconds. Using a lower default IGMP query interval of 60 seconds allows routers to stop forwarding traffic faster when a member crashes without sending leaves (in IGMPv2 or IGMPv3 environment), or if using IGMPv1: 3 * 60 seconds versus 3 * 125 seconds. If a lower version IGMP-enabled interface (that is, an interface running IGMPv1 or v2) receives a higher version IGMP query (IGMPv3) with a different query interval, the following events will occur: An error message in the following format will be displayed: %IGMP-3-QUERY_INT_MISMATCH: Received a non-matching query interval <interval in seconds>, from querier address <ip-address>   There is too much to copy everything, but it is illuminating to read up on it.         ... View more

I pass Source Specific Multicast (SSM) through a small Meraki switch without issues, so I can stream encrypted 4K videos. To do this, I ensure that IGMPv3 snooping is enabled. But the MX does not handle SSM, and there is no information as to when it might. As a workaround, I have ordered a router that does handle SSM to place ahead of the MX. Ideally, I would have just put another MS switch ahead of the MX64 and used an IPv6 address, but my ISP has not fully rolled out IPv6 , yet and there are limitations as to what Meraki does with IPv6 presently.        ... View more

Apparently MS has been busy - Azure MFA with RADIUS authentication    As a solution to a different problem, I am looking at using a device that has a Radius server that can be synched with Azure AD, in the new year I shall attempt to get it working with AD and see if it can be used for WiFI authentication, without digging into the API.   I also use Univention's UCS which is cost effective         ... View more

@Uberseehandel wrote: Perhaps the simplest/cheapest way of implementing this is to set up AD Connect on a VM running a Nano Win2016 server, and linking that to Azure AD. https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/azure-active-directory-connect  use the link below https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/azure-active-directory-connect   can't see what was wrong with previous link.     ... View more

Perhaps the simplest/cheapest way of implementing this is to set up AD Connect on a VM running a Nano Win2016 server, and linking that to Azure AD. https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/azure-active-directory-connect  ... View more

I guess it also depends on the ISP. I am getting 75/22 using VDSL2. It does pay to check for the latest firmware. If you are getting poor performance, it is worth asking the ISP to check that they have latency correctly configured in the exchange. ... View more

I have my Vigor 130 configured to do PPPoA over PPPoE. Check the documentation on the Draytek UK website. This works best for multicast . https://www.draytek.co.uk/support/guides/kb-vigor-130-bridge?return=8567559 - you may like to check with your local Draytek distributor. Mostly the 130 figures out the ISP and configures accordingly. ... View more

Logically, a network exists at one or more sites. A network may exist in one or more time zones. A network may be physically or logically divided into one or more sub-networks.   Any network design system that ignores these inconvenient truths is doomed to failure.   People who sit the CMNO exam will be aware that amongst the gotchas in the practical exercises is the difference between time zones in different parts of the network. I often encounter networks which have been given site attributes and vice versa. Ultimately it leads to problems. ... View more

@PhilipDAth wrote: . . . something that requires a lot more effort for very little gain. I guess our definitions of very little effort are quite different.        ... View more