Register or Sign in
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About Lukef
Lukef
Here to help
Member since Nov 6, 2017
Wednesday
Kudos given to
Community Record
18
Posts
8
Kudos
0
Solutions
Badges
Tuesday
Thanks, And providing we advertise both mx's at a different cost, if at least the link between the sites break, the secondary site will still have availability to the datacentre via the SD-WAN. If we lose internet connectivity at the DC, it should also fail over to the secondary mx as the primary will be offline.
... View more
Tuesday
Thanks Philip, Would be nice but a bit cost prohibitive at the moment. Appreciate your feedback as it is not something we have thought of in the design as an option.
... View more
2 weeks ago
Hey Team, We are in the process of designing a datacentre solution for an existing Meraki network. The customer would like dynamic routing between the datacentre and head office. We are going to be using OSPF to get the routes from the Meraki kit but wondering, Do you use a separate area for the meraki concentrators or do you put it all on area 0. https://imgur.com/X4xu9y4
... View more
05-30-2022
11:08 PM
Would like to know this answer also. We have a customer that needs this ASAP.
... View more
05-09-2022
05:25 PM
Hi Team also have some questions on SIG. If for some reason the VPN goes down, I'm guessing (like third party vpn default route) that the internet connection will not fail over taking the vlans protected by this offline. Could someone confirm this ? EDIT> Looking the SIG can now be integrated to Auto VPN so that is a plus. What is the overall feedback of SIG? Is it worth the money or should we egress through a third party firewall solution?
... View more
05-09-2022
12:40 AM
4 Kudos
Hey Phillip, I resolved the issue. Not sure what it did but a redeployed my firewall in azure and it sorted itself. All config was still the same but guessing something was wrong in the interface order or something. I can confirm i have a working fortinet firewall with a Meraki behind it acting as a default route!! thanks for your reply!
... View more
05-03-2022
05:07 PM
Any luck on this one guys, Have spoken with Meraki support and they are very vague and have no examples of this working but think it should work? They mentioned contacting Azure support which I have done but not sure how far this will get.
... View more
05-02-2022
11:05 PM
Hi Team, We have a requirement where we need to make our azure vmx a default route so we can pass off the SD-WAN to another firewall appliance. Just wondering if anyone has ever managed to get this to work. From the reading i have done others have this working happily in AWS but there is not much info doing this via Azure. I have setup the environment, set the default route for the vmx to egress via our firewall appliance which is working fine and as i can see the vmx public ip is now the same as our firewall appliance. The problem is as soon as i set the vmx as a default route for one of our test sites internet access drops at the test site on the sd-wan connected vlan. I have done some packet captures on our firewall appliance and can see the traffic go out and come back in and get routed to the vmx. However on the vmx all i can see is retransmissions in the logs. Have any of you managed to get this to work? thanks in advance.
... View more
Labels:
- Labels:
-
Azure
10-28-2020
01:56 AM
A yes good point, plenty of free ports. thanks for pointing that out
... View more
10-27-2020
10:47 PM
1 Kudo
Hey Guys / Gals I have a similar question to this thread https://community.meraki.com/t5/Security-SD-WAN/How-to-cable-MX-amp-MS-for-HA/td-p/22765 and after some assistance with HA design. We have a customer with a fibre service that we are going to be patching to two Meraki MX100's in a HA pair using the virtual IP option. We do not have a second fibre internet service, so for redundancy we are going to install a MG21E 4G service and thinking we could patch that into the secondary MX on WAN2. I'm hoping from what I have read the it should fail over in the following order. MX1 WAN1 - fibre virtual ip MX2 WAN1 - fibre virtual ip MX2 WAN2 (connected to MG21E) From your information does this seem correct. My logic is if the main internet service fails, it will fail across to the second mx on the 4g service? I believe I could patch the MG21E into both MX's on WAN2, however if MX1 loses internet for some reason due to cabling issue, it will then fail to wan2 (4g) rather than to the spare mx WAN1 that may have a working fibre connection. Looking for any guidance / assistance. Cheers
... View more
10-27-2020
10:34 PM
It stops a whole heap of useless traffic hitting open ports preventing those services from logging traffic we do not care about, so yeah not entirely useless.
... View more
06-24-2020
05:18 PM
1 Kudo
Is no one else interested in this feature? Just about every other firewall out there does this. Firepower Fortinet Watchguard. This can sort of be done with group policies but it is not granular at all and will block any outbound traffic to those countries. It also shows all the hits in the logs as layer 7 rules do not apply to inbound nat / port forward rules. I'm surprised that this is not largely requests as it is such a basic feature that all decent firewalls should have. Thanks
... View more
05-06-2020
01:07 AM
Hi All Is there ever going to be an update on Meraki swtiches to allow port ranges in the ACL. We have a customer using Meraki as layer 3 and not having this feature is rubbish for such an expensive switch.
... View more
05-05-2020
12:03 AM
We have also tried and are running cloud track, however often downstream devices show as offline when it isn't the case.
... View more
10-14-2018
06:22 PM
1 Kudo
It would be great if Meraki could support Geo blocking based on Port Forwards rather than a blanket block using to / from countries layer 7 rule.
... View more
Kudos given to
My Top Kudoed Posts
| Subject | Kudos | Views |
|---|---|---|
| 4 | 300 | |
| 1 | 884 | |
| 1 | 1035 | |
| 1 | 1010 | |
| 1 | 1449 |
