Meraki

Community

About pdeleuw

Re: New Engineering Cisco Meraki Solutions (ECMS) v1.0

by in Off the Stack
a month ago
2 Kudos
a month ago
2 Kudos
I am Cisco instructor, teaching the ECMS (besides other courses). I do not know the current question pool. But from my experience with Cisco exams, you will always see questions which are not covered in the course. You should have some pracitcal experience before taking the exam. This is not only the case for the ECMS, but generally applies to all Cisco exams. You can find some hints for preparing the exam in the learningnetwork: https://learningnetwork.cisco.com/s/meraki-solutions One additional point regarding the ECMS: Parts of the content is not included in the student guide. The instructor shows many things using a demo environment. There are no slides for this content. It is not easy for you as student to review this content. ... View more

Re: Mesh configuration.

by in Wireless
a month ago
a month ago
This is correct. An AP will work in mesh mode, if it has no IP address on it's LAN interface. So one AP has to work as "regular" AP, it will be the gateway. The other AP, just powered up, will recognize that it has no IP address. Then it will connect wireless to a gateway AP. This needs no further configurations, this behavior is programmed in firmware. There is a setting in Network-wide, there you can activate or deactivate meshing. Of course, it must be activated. This is default. The APs will send a hidden SSID for meshing. ... View more

Re: Cloning Configuration?

by in Sensors
‎Jan 13 2025 6:09 AM
1 Kudo
‎Jan 13 2025 6:09 AM
1 Kudo
Sorry, I did not do something like this via API. I think the API is a good thing for doing the same job a lot of times. but of course, if setting up the API requests is more time consuming than doing it manually, it is better to do it manually. ... View more

Re: Intrusion detection and prevention

by in Security & SD-WAN
‎Dec 4 2024 12:48 PM
2 Kudos
‎Dec 4 2024 12:48 PM
2 Kudos
Thank you, Karsten. IDS and IPS have different behaviors. Very new finding for me ... ... View more

Re: Deep link does not work as expected

by in Dashboard & Administration
‎Nov 19 2024 7:56 AM
‎Nov 19 2024 7:56 AM
It seems that deep links to managed clients are not possible. ... View more

Re: Dual ISP on Hub, single ISP on Spoke-- 2 autoVPN tunnel ?

by Kind of a big deal in Security & SD-WAN
‎Nov 18 2024 10:54 AM
‎Nov 18 2024 10:54 AM
I can only confirm that this was the behavior I noticed. However it is important to note that this was matching traffic by regular L3/4 rules, not the L7 application layer detection. So I cannot guarantee it 100%. ... View more

Re: Implementing Templates

by Kind of a big deal in Dashboard & Administration
‎Nov 17 2024 11:40 AM
‎Nov 17 2024 11:40 AM
When you apply a template the IP address and DHCP settings are lost.  So first make a note of the IP address and DHCP settings, apply the template, and then restore the original IP address and DHCP settings. ... View more

Re: Behavior of MR device when syslog server become unreachable

by in Wireless
‎Nov 15 2024 1:01 PM
2 Kudos
‎Nov 15 2024 1:01 PM
2 Kudos
The AP is not aware of the syslog server and it's reachability. ... View more

Re: Site to site VPN ipsec issue in between Mikrotik and Meraki

by in Security & SD-WAN
‎Nov 12 2024 3:18 AM
2 Kudos
‎Nov 12 2024 3:18 AM
2 Kudos
The VPN is now working, there was firewall policies in Mikrotik which had be prioritized( placed on TOP below srcnat(Internet access rule). The traffic is getting back and forth now, thank you for your suggestions. ... View more

Re: Umbrella DNS vs Google DNS for DHCP

by in Security & SD-WAN
‎Nov 11 2024 11:06 AM
‎Nov 11 2024 11:06 AM
Using Umbrella DNS should give you the built in security for the known bad or malicious sites - that constanly gets updated, but you would not be able to add your own without the Umbrella subscription, ... View more

Re: One company separated in 2 organization MXs licence question

by in Security & SD-WAN
‎Nov 6 2024 12:38 AM
‎Nov 6 2024 12:38 AM
Yes - if for whatever reason it doesn't work then you can ring Meraki support for help. ... View more

Re: MX HA PAIR || Routed Mode || Does it support Per VLAN HA in LAN

by Kind of a big deal in Security & SD-WAN
‎Nov 3 2024 2:33 PM
‎Nov 3 2024 2:33 PM
Oh damn, of course, you are right. It is even clearly described in the link I added, but I messed that up. Thanks for the correction. ... View more

Re: Delete Dashboard Account

by Meraki Employee in Dashboard & Administration
‎Oct 31 2024 5:27 AM
‎Oct 31 2024 5:27 AM
As CMR suggests, if it's your email, simply change the associated password and check out availability of any 2FA tools.   I would recommend SAML too - in fact;  user-specific accounts more generally.   How would a problematic change be attributable to one admin, if you needed to follow disiplinary (even criminal) processes, if there's no specific accountability? ... View more

Re: Disable 2FA for Admins

by Meraki Employee in Dashboard & Administration
‎Oct 18 2024 7:33 AM
‎Oct 18 2024 7:33 AM
Hello @pdeleuw,   Enabling SAML as @Brash mentioned is a potential alternative, however, it is correct that even if 2FA is disabled on a dashboard administrator's account, OTP can still be triggered. This feature is in place for enhanced security, and an option within the dashboard is not available to disable it. Authentication Enhancements and New Dashboard Security Features documentation If you have a very strong or unique use case, I highly recommend reaching out to Meraki Support and providing as much detail as possible to determine if a solution is available that meets your specific use case. Please feel free to link to the documentation provided above when submitting the support case, so that it is clarified that you are referencing wanting to bypass both the 2FA and OTP features for an account. A support case can be opened by navigating to (?) > Get Help & Cases > Pick a Tile to Contact Support > Submit a case or by following the steps provided in the Contact Cisco Meraki Support document here. Best, Feli ... View more

Re: Route-based tunnel supported?

by in Security & SD-WAN
‎Sep 5 2024 1:50 PM
‎Sep 5 2024 1:50 PM
thanks ... View more

Re: URL Filter: WEbroot/Brightcloud or Talos?

by in Full-Stack & Network-Wide
‎Jun 25 2024 5:38 AM
‎Jun 25 2024 5:38 AM
In firmware MX17 and newer, the MX introduced Content Filtering powered by Cisco Talos Intelligence. This allows MX’s Content Filtering feature to classify URLs based on web content and threat categories curated by Cisco Talos.  ... View more

Re: Meraki VPN vs AnyConnect

by in Security & SD-WAN
‎Jun 11 2024 12:39 AM
‎Jun 11 2024 12:39 AM
"Meraki VPN" ist based on IPsec and L2TP. L2TP has additional overhead. Maybe you have a fragmentation problem? Check the MTU setting on client side. For Auto VPN the MX does Path MTU Discovery. I do not know if this is true for Client VPN, too. It is not possible setting the MTU on the MX manually. You have to contact the support for doing that. ... View more

Re: We lost access to sites / companies shared with us.

by in Meraki Go
‎May 24 2024 8:40 AM
‎May 24 2024 8:40 AM
I'm having the same issue, it is not something just with you.  I'm hearing talk of a possible big back end issue. Let me know if you find anything out.  I have a ticket in with support since yesterday.  Our network is still working there is nothing in the dashboard however. ... View more

Re: L3 Switching Effects on S2S VPNs

by in Switching
‎May 23 2024 7:39 AM
2 Kudos
‎May 23 2024 7:39 AM
2 Kudos
Thank you very much for this. I see that when you do this, you'll see the static routes appear in the Configure->S2S VPN page. So the process is actually super straightforward. A slight lack of experience there on my behalf.  ... View more

Re: Guest Wireless does not prompt to login if DNS is changed

by in Wireless
‎May 20 2024 2:29 PM
‎May 20 2024 2:29 PM
@alemabrahao wrote: instead you have to use 192.0.1.2. Just to clarify: It should be an address from 192.0.2.0/24 ... View more

Re: MX75 as router with out NAT, so we can use public IP address on LAN sid...

by in New Meraki Users
‎May 20 2024 2:16 PM
‎May 20 2024 2:16 PM
I do not completely understand your point. Why is it another point of failure? You need a routing device without NAT. NAT excemption would achieve this, I think. You can configure a VLAN interface on the LAN side with one address out of the /29 subnet. ... View more

Re: MX content filtering Support for QUIC & TLS 1.3

by in Security & SD-WAN
‎May 6 2024 7:42 AM
3 Kudos
‎May 6 2024 7:42 AM
3 Kudos
That's exactly my result. QUIC traffic is not filtered. If you block UDP/443, you will block DTLS. If somebody wants to establish a DTLS based RA VPN (e. g. AnyConnect) through your firewall, the client has to fall back to TLS. ... View more

Re: Meraki MX: Configure OpenVPN?

by in Security & SD-WAN
‎May 5 2024 12:16 PM
2 Kudos
‎May 5 2024 12:16 PM
2 Kudos
The MX supports Auto VPN, IPsec between MX appliances in one organization IPsec Site-to-Site VPN (IKEv1 or IKEv2) between MX and non-Meraki peers or MX appliances in another organization Client VPN, L2TP with IPsec (IKEv2) Client VPN Anyconnect/Secure Client The MX does not support OpenVPN, Wireguard or other VPN protocols. ... View more

Re: License Extension

by Kind of a big deal in Dashboard & Administration
‎Apr 19 2024 12:37 PM
1 Kudo
‎Apr 19 2024 12:37 PM
1 Kudo
So you say I ignore the licenses and just add the devices and one line end-date? I hadn't expected that to work, but okay, at least that is much less work. ... View more

Re: MX18.208 AutoVPN Summarisation Bug

by in Security & SD-WAN
‎Apr 18 2024 11:21 AM
‎Apr 18 2024 11:21 AM
Exactly. I had tested it to verify it. The behaviour is not documented, so I wanted to explore it in detail. ... View more
My Accepted Solutions
View all
© 2025 Cisco Systems, Inc.