The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About Lukef
Lukef

Lukef

Here to help

Member since Nov 6, 2017

‎09-07-2022
Kudos from
User Count
PhilipDAth
Kind of a big deal PhilipDAth
2
cmr
Kind of a big deal cmr
3
CSIT
CSIT
1
Bruce
Bruce
1
Ahmad_Qattan
Ahmad_Qattan
1
View All
Kudos given to
User Count
MyHomeNWLab
MyHomeNWLab
1
PhilipDAth
Kind of a big deal PhilipDAth
1
Bruce
Bruce
1
MerakiDave
Meraki Employee MerakiDave
1
NikolaiProniaev
NikolaiProniaev
1
View All

Community Record

18
Posts
8
Kudos
0
Solutions

Badges

1st Birthday
First 5 Posts
Lift-Off View All
Latest Contributions by Lukef
  • Topics Lukef has Participated In
  • Latest Contributions by Lukef

Re: vpn concentrator OSPF

by Lukef in Security / SD-WAN
‎08-09-2022 07:35 PM
‎08-09-2022 07:35 PM
Thanks, And providing we advertise both mx's at a different cost, if at least the link between the sites break, the secondary site will still have availability to the datacentre via the SD-WAN. If we lose internet connectivity at the DC, it should also fail over to the secondary mx as the primary will be offline.     ... View more

Re: vpn concentrator OSPF

by Lukef in Security / SD-WAN
‎08-09-2022 07:32 PM
‎08-09-2022 07:32 PM
Thanks Philip, Would be nice but a bit cost prohibitive at the moment. Appreciate your feedback as it is not something we have thought of in the design as an option.   ... View more

vpn concentrator OSPF

by Lukef in Security / SD-WAN
‎08-04-2022 05:53 PM
‎08-04-2022 05:53 PM
Hey Team, We are in the process of designing a datacentre solution for an existing Meraki network. The customer would like dynamic routing between the datacentre and head office. We are going to be using OSPF to get the routes from the Meraki kit but wondering, Do you use a separate area for the meraki concentrators or do you put it all on area 0.   https://imgur.com/X4xu9y4    ... View more

Re: vMX Large on Azure

by Lukef in Cloud Security / SD-WAN
‎05-30-2022 11:35 PM
‎05-30-2022 11:35 PM
It Still does not AFAIK. Which is crazy   ... View more

Re: vMX Large on Azure

by Lukef in Cloud Security / SD-WAN
‎05-30-2022 11:08 PM
‎05-30-2022 11:08 PM
Would like to know this answer also. We have a customer that needs this ASAP.   ... View more

Re: Meraki MX with Umbrella SIG Advantage

by Lukef in Security / SD-WAN
‎05-09-2022 05:25 PM
‎05-09-2022 05:25 PM
Hi Team also have some questions on SIG. If for some reason the VPN goes down, I'm guessing (like third party vpn default route) that the internet connection will not fail over taking the vlans protected by this offline.   Could someone confirm this ?   EDIT> Looking the SIG can now be integrated to Auto VPN so that is a plus. What is the overall feedback of SIG? Is it worth the money or should we egress through a third party firewall solution?         ... View more

Re: Azure Default route

by Lukef in Security / SD-WAN
‎05-09-2022 12:40 AM
4 Kudos
‎05-09-2022 12:40 AM
4 Kudos
Hey Phillip, I resolved the issue. Not sure what it did but a redeployed my firewall in azure and it sorted itself. All config was still the same but guessing something was wrong in the interface order or something. I can confirm i have a working fortinet firewall with a Meraki behind it acting as a default route!!   thanks for your reply! ... View more

Re: AnyConnect SAML Group Policy assignment

by Lukef in Security / SD-WAN
‎05-09-2022 12:38 AM
‎05-09-2022 12:38 AM
Is this still the case? ... View more

Re: Azure Default route

by Lukef in Security / SD-WAN
‎05-03-2022 05:07 PM
‎05-03-2022 05:07 PM
Any luck on this one guys, Have spoken with Meraki support and they are very vague and have no examples of this working but think it should work? They mentioned contacting Azure support which I have done but not sure how far this will get.   ... View more

Azure Default route

by Lukef in Security / SD-WAN
‎05-02-2022 11:05 PM
‎05-02-2022 11:05 PM
Hi Team, We have a requirement where we need to make our azure vmx a default route so we can pass off the SD-WAN to another firewall appliance.   Just wondering if anyone has ever managed to get this to work. From the reading i have done others have this working happily in AWS but there is not much info doing this via Azure.   I have setup the environment, set the default route for the vmx to egress via our firewall appliance which is working fine and as i can see the vmx public ip is now the same as our firewall appliance.   The problem is as soon as i set the vmx as a default route for one of our test sites internet access drops at the test site on the sd-wan connected vlan. I have done some packet captures on our firewall appliance and can see the traffic go out and come back in and get routed to the vmx. However on the vmx all i can see is retransmissions in the logs.   Have any of you managed to get this to work? thanks in advance.   ... View more
Labels:
  • Labels:
  • Azure

Re: Help with HA MX design

by Lukef in Security / SD-WAN
‎10-28-2020 04:40 PM
1 Kudo
‎10-28-2020 04:40 PM
1 Kudo
Design updated, thanks for the feedback   ... View more

Re: Help with HA MX design

by Lukef in Security / SD-WAN
‎10-28-2020 01:56 AM
‎10-28-2020 01:56 AM
A yes good point, plenty of free ports.  thanks for pointing that out ... View more

Help with HA MX design

by Lukef in Security / SD-WAN
‎10-27-2020 10:47 PM
1 Kudo
‎10-27-2020 10:47 PM
1 Kudo
Hey Guys / Gals I have a similar question to this thread https://community.meraki.com/t5/Security-SD-WAN/How-to-cable-MX-amp-MS-for-HA/td-p/22765  and after some assistance with HA design. We have a customer with a fibre service that we are going to be patching to two Meraki MX100's in a HA pair using the virtual IP option. We do not have a second fibre internet service, so for redundancy we are going to install a MG21E 4G service and thinking we could patch that into the secondary MX on WAN2.   I'm hoping from what I have read the it should fail over in the following order. MX1 WAN1 - fibre virtual ip MX2 WAN1 - fibre virtual ip MX2 WAN2 (connected to MG21E)   From your information does this seem correct. My logic is if the main internet service fails, it will fail across to the second mx on the 4g service? I believe I could patch the MG21E into both MX's on WAN2, however if MX1 loses internet for some reason due to cabling issue, it will then fail to wan2 (4g) rather than to the spare mx WAN1 that may have a working fibre connection.   Looking for any guidance / assistance.    Cheers ... View more

Re: Feature Request: Geo Blocks on Port forwards

by Lukef in Security / SD-WAN
‎10-27-2020 10:34 PM
‎10-27-2020 10:34 PM
It stops a whole heap of useless traffic hitting open ports preventing those services from logging traffic we do not care about, so yeah not entirely useless. ... View more

Re: Feature Request: Geo Blocks on Port forwards

by Lukef in Security / SD-WAN
‎06-24-2020 05:18 PM
1 Kudo
‎06-24-2020 05:18 PM
1 Kudo
Is no one else interested in this feature? Just about every other firewall out there does this. Firepower Fortinet Watchguard.   This can sort of be done with group policies but it is not granular at all and will block any outbound traffic to those countries. It also shows all the hits in the logs as layer 7 rules do not apply to inbound nat / port forward rules.     I'm surprised that this is not largely requests as it is such a basic feature that all decent firewalls should have.   Thanks ... View more

Switch ACL

by Lukef in Switching
‎05-06-2020 01:07 AM
‎05-06-2020 01:07 AM
Hi All Is there ever going to be an update on Meraki swtiches to allow port ranges in the ACL. We have a customer using Meraki as layer 3 and not having this feature is rubbish for such an expensive switch. ... View more

Re: Client Tracking in Full Stack Environment

by Lukef in Full-Stack & Network-Wide
‎05-05-2020 12:03 AM
‎05-05-2020 12:03 AM
We have also tried and are running cloud track, however often downstream devices show as offline when it isn't the case.   ... View more

Feature Request: Geo Blocks on Port forwards

by Lukef in Security / SD-WAN
‎10-14-2018 06:22 PM
1 Kudo
‎10-14-2018 06:22 PM
1 Kudo
It would be great if Meraki could support Geo blocking based on Port Forwards rather than a blanket block  using to / from countries layer 7 rule.       ... View more
Kudos from
User Count
PhilipDAth
Kind of a big deal PhilipDAth
2
cmr
Kind of a big deal cmr
3
CSIT
CSIT
1
Bruce
Bruce
1
Ahmad_Qattan
Ahmad_Qattan
1
View All
Kudos given to
User Count
MyHomeNWLab
MyHomeNWLab
1
PhilipDAth
Kind of a big deal PhilipDAth
1
Bruce
Bruce
1
MerakiDave
Meraki Employee MerakiDave
1
NikolaiProniaev
NikolaiProniaev
1
View All
My Top Kudoed Posts
Subject Kudos Views

Re: Azure Default route

Security / SD-WAN
4 643

Re: Help with HA MX design

Security / SD-WAN
1 1216

Help with HA MX design

Security / SD-WAN
1 1367

Re: Feature Request: Geo Blocks on Port forwards

Security / SD-WAN
1 1316

Feature Request: Geo Blocks on Port forwards

Security / SD-WAN
1 1755
View All
Powered by Khoros
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Cookies
  • Terms of Use
© 2023 Meraki