Hi @ehsan230564 ,   I would agree with @BrechtSchamp for the setup. Give you redundancy on ISP as well as hardware. However, If the solution provided is not viable for you, please provide us information on the physical setup.  Do you have any kind of network diagram as well as physical location information (i.e. are the Hub MX in the same subnet on the WAN interface and physically connected in the same room?) ... View more

Hello @WldWzl , When configuring an MX to access a server over VPN, the MX and Z1 use the Appliance LAN IP of the highest-numbered VLAN that is included in the VPN as the source address. The below document states the above information. Although the document points to radius traffic, the Mx functionality if the same for any traffic sourced from an MX to a remote server (Syslog, Netflow, Radius, AD etc) Have you tried filtering the traffic for this information?   https://documentation.meraki.com/MX/Other_Topics/MX_and_Z1_Source_IP_for_RADIUS_Authentication ... View more

Hello @KevinI , At the moment, Meraki does not have a direct integration with Azure AD. However, since Azure AD is cloud-based, you would need to set up some kind of VPN set up anyway (until a direct VPN with Azure can be established).  I would recommend checking up on the vMX feature of Meraki. Following KB gives you some details on the setup https://documentation.meraki.com/MX/Installation_Guides/vMX100_Setup_Guide_for_Microsoft_Azure     ... View more

Hello @Tom-B , Thank you for the information. I reached out to the support engineer. As support was able to reproduce this issue, the development team was engaged.  As an update, they were able to find the problem fairly quickly. We should have a fix in the next 1 or 2 days.    Note: I checked with my internal teams, apologies for requesting your case number. This information is private to you and there is no need to request it on a public forum. For your account safety and security please refrain from providing your case information even if asked by us. Instead, you can reach support directly for any assistance through the case.  Apologies for any misunderstandings.  ... View more

Hello @Aaron_Wilson , Normally, disabling a port on the MX through Dashboard will not show green when connecting any device to the MX on the disabled port. As pointed by other users, the same behavior is not noticed on MX64s. I would definitely recommend you call into support and have them investigate. There are 3 possibilities 1) This is a UI issue and the development team will need to be engaged.  2) This is a dashboard issue and upgrading the firmware might fix the problem (I would upgrade only if recommended by Meraki support as a fix) 3) This is a one-off issue and possibly factory reset should take care of it.    Either way, I would recommend you have this documented through a case with Meraki support so they can take this up with the development team if required.  ... View more

Hello @AndreasE , You should be able to see the list of topics once you enabled MV Sense on your camera (This feature requires a license).  Once enabled on the Camera > Settings page, you should be able to see the list of topics. Below is a snippet of the same info:             ... View more

Hello @Flavio_Vieira , As content filtering looks at the URL information, configuring an MX for track by IP (or) MAC would be okay. Tracking by IP would mean you need your MX to track client traffic by IP. This is a configuration you would use most when you have a layer 3 device downstream of the MX handling inter-vlan communication.    To be able to track your client traffic more accurately I would recommend you track by IP (meaning you will need to split the network).    Again this will not impact the way your MX handles content filtering.  ... View more

Hello @Tom-B , Can you share the support case number with us, we can reach out to Support and help move this forward? ... View more

Hello @BlakeRichardson , These banner messages would be automated for devices that have been replaced. The message should clear once the tracking of the replacement switch is completed.  To be on the safe side, I would recommend you have the corresponding Meraki case number and any tracking number should you be contacted for the same.  ... View more

The following KBs might help to enable VLANs and adding Static routes https://documentation.meraki.com/MX/Networks_and_Routing/Configuring_VLANs_on_the_MX_Security_Appliance   https://documentation.meraki.com/MX/Networks_and_Routing/MX_Addressing_and_VLANs     ... View more

Hello, Client VPN subnets have access your local LAN by default. This is not dependent on any firmware. A few questions for you Is your MX enabled for VLANs?  (navigate to Security and SD-WAN > addressing and VLANs >Routing, to check) Can the MX access the subnet 192.168.2.100/24? What is the interface of the MX for this subnet?     Do you have any layer 3 firewall rules denying all traffic to the local LAN? The MX will not allow you to add a static route for destination subnet as Client VPN subnet as that subnet is local to the MX ... View more

In addition to the above links, I would also recommend the below links   https://documentation.meraki.com/MR/WiFi_Basics_and_Best_Practices/Understanding_Wireless_Performance_and_Coverage ... View more

It is always ideal to have a single device take care of layer 3 firewall rules in a network (either the firewall or the AP). In a combined network, when you apply a group policy with layer 3 firewall rules, your telling the Meraki devices to handle the layer traffic at a singular level, so bypassing the global firewall rules would be expected.    Additionally, it is always easier to track all layer 3 firewall rules on one page, rather than jump between multiple devices.    I would recommend you add the layer 3 firewall rule at the global level (on the MX).    BTW, what rule are you adding on the AP level, that cannot be added at the MX? ... View more