Meraki

CptnCrnch

By default, an MX will do NAT and hide everything within your internal network (and Reote Access VPN) to its offical IP address on the outside interface. So, in a nutshell - it could be working right out of the box. Don‘t know anything about your infrastructure though

CptnCrnch

I'd love to be able to mark this a the solution 😉

CptnCrnch

Congrats, especially to @AlexGregoire for making it easy to help! Stellar contributions as always by @PhilipDAth and our bunch of "Big Things" in here. Thanks a million for that!

CptnCrnch

From a technical point of view, Layer 7 as well as IPS is handled by Snort processes. Therefore, these packets will have to run through that one to be handled accordingly.

CptnCrnch

Looking good so far!

CptnCrnch · ‎Oct 10 2024

I assume that the Guest visitors don't have the Umbrella Client installed? Do they have the same issues? Just to be able to narrow this one down a little...

CptnCrnch · ‎Oct 10 2024

Changes should be simultaneously, existing sessions should not be affected as the MX is a stateful device.

CptnCrnch · ‎Oct 8 2024

Sorry, no offense intended. It‘s rather unusual within a forum to say „let‘s do a private session to resolve that issue“. In this case, OP could simply give Meraki Support a call. 😉

CptnCrnch · ‎Oct 8 2024

From my point of view, the point of this forum is users helping users over here. Or are you trying to sell your services in the background?

CptnCrnch · ‎Oct 7 2024

What a great start @Knowguy! Keep it up, you rock! Of course, big fat congrats to everybody else!

CptnCrnch · ‎Oct 3 2024

Not a Single Layer 7 rule needed. Just block Access to TCP Port 23 in your regular Policy for this specific subnet

CptnCrnch · ‎Oct 2 2024

Switched back to 31.1.4 but the CW9166 is Auto-negotiating at 100Mbps only since… 😑

CptnCrnch · ‎Oct 2 2024

Wow, that's a huge bummer!

CptnCrnch · ‎Oct 1 2024

Had to switch back to 31.1.4 due to CW9166I's frequently (every few minutes) loosing connectivity. 😐

CptnCrnch · ‎Oct 1 2024

Woohoo! Congrats @sungod and warm welcome to the club!

CptnCrnch · ‎Sep 27 2024

No such issues on n176. I'm using the "new version" of that particular page.

CptnCrnch · ‎Sep 5 2024

No, it's modular: https://documentation.meraki.com/MX/MX_Overviews_and_Specifications/MX250_Datasheet

CptnCrnch · ‎Sep 5 2024

Amazing achievements this month! Thanks a lot for that and congrats to everyone involved!

CptnCrnch · ‎Aug 22 2024

Happy birthday to the community which means all of us! 🙂 A big, fat thank you goes out to @CarolineS and @AmyReyes! This place wouldn't be the same without you!

CptnCrnch · ‎Jul 26 2024

Welcome to the club @rhbirkelund! Well deserved 👍

CptnCrnch · ‎Jul 25 2024

Sure: RADIUS is the protocol to authenticate users and / or endpoints that is clear-text by nature. Passwords are hashed using a rather old method. Of course, it's not the best choice when this traffic is being transported over the internet. RADSEC is a way to build an encrypted communication channel between your network devices and the Meraki cloud so it strengthens your security posture. https://documentation.meraki.com/MR/Encryption_and_Authentication/MR_RADSec

CptnCrnch · ‎Jul 24 2024

The feature is free of charge. You should think about using RADSEC for the connection from your network due to its Cloud-based nature.

CptnCrnch · ‎Jul 22 2024

The tension mounts 😄

CptnCrnch · ‎Jul 22 2024

At least it's not like you caused an outage for 8.5 million computers with it though 😂

CptnCrnch · ‎Jul 17 2024

It looks like some of your clients are using APIPA addressing, so are using the IPv4 link-local addressing of 169.254.0.0/16.

About CptnCrnch

CptnCrnch

Chris

Community Record

Badges