About rbnielsen

rbnielsen

This is what I use.. The hardcoded status_code = 201, is only declared for testing purposes and its just "faking" a succesful POST towards the API.. Remove it, and uncomment the actual request(). ... for _ in range(MAX_RETRIES): try: resp.status_code = 201 # r = requests.request( # 'POST', # url, # headers = headers, # data = payload # ) if resp.status_code == 201: if index < len(p_sitelist)-1: LOGGER.info(f"[ Create Networks ]: Network {site['Network']} created successfully! On to Next..") #print(f"Network {site['Network']} created successfully! On to Next..\n") break else: LOGGER.info(f"[ Create Networks ]: No more networks to create.") #print("No more networks to create.") return elif resp.status_code == 429: LOGGER.warning(f'[ Create Networks ]: Rate limited - Retrying after {r.headers["Retry-After"]}.') #print(f'Rate limited - Retrying after {resp.headers["Retry-After"]}.') time.sleep(int(resp.headers['Retry-After'])) continue else: LOGGER.critical(f'[ Create Networks ]: Unexpected status code: {r.status_code} returned from server.\n Msg: {r.text}') raise SystemExit(f'Unexpected status code: {r.status_code} returned from server.\n Msg: {r.text}') except Exception as e: LOGGER.error("[ Create Networks ]: Unknown error..") LOGGER.exception(e) #pprint(e) return ""

rbnielsen

Just as much as the long standing; Client traffic will be dropped by MX65(W), MX67(C,W), and MX68(W,CW) appliances if 1) The client is connected to a LAN port with 802.1X authentication enabled and 2) The VLAN ID of the port is configured to 16, 32, 48, 64, 80, 96, 112, 128, 144, 160, 176, 192, 208, 224, or 240.

rbnielsen

Resolved an issue where traffic could be incorrectly dropped under the following conditions 1) the MX appliance was configured to operate in passthrough / VPN concentrator mode, 2) the MX was configured to track clients by IP address, and 3) traffic was sourced from IP addresses 10.128.128.126, 10.128.128.127, 10.128.128.128, 10.128.128.129, 10.128.128.130, or 10.128.128.131. Some times, I'd really wish for the opportunity to get more details on bugs and their fixes....

rbnielsen

For every Meraki customer that I have, the Security Settings under Organizations has its own variations. But I am curious as to what ya'll do? How do you configure each customers organisational settings and why? Or in that case, your own company's settings?

rbnielsen

I have a new avatar!

rbnielsen

Unfortunately no. https://documentation.meraki.com/MX/Client_VPN/Client_VPN_Overview

rbnielsen

I think there might be a bit confusion upon terminology here. When you create a new Network in an Organization using the GUI, you can choose between different Network types - type specific or Combined. If you create a network via GUI, and select Security Appliance, as the network type, using the API endpoint GET /networks/{networkId} should return ... "productTypes": [ "appliance" ], ... If you create a new Network on your organizations, using API endpoint POST /organizations/{organizationId}/networks you can set the Network type in the field productTypes "productTypes": [ "appliance", "switch", "wireless" ], If you select more than 1 type in productTypes, the Network Type will become Combined. It is not possible to convert 1 network to a Combined, per se. What you can do is, if the Network does not contain the wireless product type yet, you can create a new Network as productType = wireless, and combine the new Wireless network with the original network using POST /organizations/{organizationId}/networks/combine

rbnielsen

@helenlee ?

rbnielsen

I've been trying to get my hands on a couple of used MX'es just to be able to mess around a bit with BGP the Meraki Way. I noticed the same paragragh, that when enabling BGP, you'd be able to do iBGP over VPN, instead of using AutoVPN, and having the Meraki Cloud to organise the routes. What are the advantages and disadvantages of using iBGP between the Hub and Spokes, rather than using traditional AutoVPN? I have a deployment of Meraki SDWAN, that is still ongoing, where my trigger-finger is itching to enable iBGP, and a private BGP AS 65000 - just to see what happens.

rbnielsen

@UmutYasar, redeploying the vMX, isn't that huge of a deal. It's just deleting the managed app from Azure, and (if you feel like it) deleting the Ressource Group. I have yet to find out if there is anything to do once, the vMX has been deployed and in production. Like I said - my ticket with Meraki Support is still open, waiting for them to determine a solution that doesn't neccessary require a redeployment. Unfortunately, I suspect that is the only solution.

rbnielsen · ‎06-22-2021

Hey, As far as I know, there is no alternative. My ticket is still open with meraki development team, and there is still no update as of yet. You'll need to deploy the vMX in Availability Zone "None" to get a Basic IP SKU, in order to get ClientVPN to work on a vMX.

rbnielsen · ‎06-19-2021

Perhaps @CarolineS could ping someone from the Meraki MX PM team to join the discussion?

rbnielsen · ‎06-17-2021

Peasants 😉

rbnielsen · ‎06-16-2021

Hah - it's mentioned in MR28.1 release notes So much for my attention span. XD

rbnielsen · ‎06-16-2021

More silent updates from Meraki? Wireless -> Hotspot 2.0

rbnielsen · ‎06-16-2021

I have a new, out-of-the-box, never registered MG, that I have trouble getting to connect to Meraki Cloud. I've verified everything that I can come to mind of, and it's not connecting. According to the customer, users at the site have also verified that the SIM card is not PIN locked. I'm suspecting that the MG is missing APN settings and so on, but I have trouble getting the customer to actually browse the to local status page. Since they lack power adapters, they have connected the MG according to https://community.meraki.com/t5/Security-SD-WAN/MG21-with-MX68-connection-layout/td-p/93695, where Port 1 on the MG is connected to a PoE port. The switchport connected to port 1, is put in a dummy Vlan, in order to make sure the MG ip addresses are not being being handed out. Since I wanted to check the Local Status Page myself, and the device not coming online, I'm trying to "backdoor" my way into it, via ClientVPN on the MX. I've created a vlan on the MX in the dummy Vlan, and waiting for the customer to verifify this VLan is being trunked all the way through to the MG. Port 2 on the MG is not connected to WAN2 on the MX. However, I am not able to browse to the MG. During a packet dump on the MX LAN, i've noticed several ARP to a 192.168.0.x address, and the MG responding with an 192.168.0.1 address. What is the expected behaviour of an "unpacked, out-of-the-box, no initial Cloud Connectivity"-MG21? Will it hand out 192.168.0.0 addresses to all clients untill it downloads configuration from Meraki Cloud?

rbnielsen · ‎06-11-2021

I might imagine this is a Support Enabled operation as well though..

rbnielsen · ‎06-11-2021

What happens if you create the network as an appliance only, configure NAT mode, and then add the vMX? Or maybe use a template?

rbnielsen · ‎06-11-2021

Maybe due to lack of certification? Firm-/software not in place or too buggy to announce? It is not uncommon for vendors to ensure hardware is in place before software support. Give Cisco as an example. Their latest Cat 9100 APs have support for BLE/IoT with the hardware already in place. If memory serves me right, it contains a ZigBee radio. However, even though the hardware is already in place, there is no software support as of yet (last I heard, at least)

rbnielsen · ‎06-11-2021

Honestly, I do have a suspicion that the MG41 has the hardware capability for 5G. But that it is just software limited.

rbnielsen · ‎06-11-2021

@wldn_bearded NetworkChuck, is that you? You sure look like him in that photo booth pic. 😉

rbnielsen · ‎06-09-2021

So far they will be available to order by July 6th, with shipping starting July 13th.

rbnielsen · ‎06-09-2021

Especially since Cisco already has a Wireless WAN router out, and been so for at least six months, that supports 5G.

rbnielsen · ‎06-09-2021

Seems that the same goes for MG aswell: MG41 https://meraki.cisco.com/product-collateral/mg41-series-datasheet/?file

rbnielsen · ‎06-09-2021

Meraki finally dropped the new MX's in complete silence. Check the MX data sheet here: https://meraki.cisco.com/product-collateral/mx-family-datasheet/?file It's about time!

rbnielsen

Community Record

Badges