Meraki

Community

About steakandeggs

Re: Can you limit specific VPN clients/users/machines to specific hosts on ...

by Kind of a big deal in Security & SD-WAN
‎Aug 2 2022 11:16 AM
1 Kudo
‎Aug 2 2022 11:16 AM
1 Kudo
With AnyConnect, the easiest way is to let the RADIUS server return a filter-id that matches a dashboard group-policy. ... View more

Re: Twinax compatibility

by Kind of a big deal in Switching
‎Jul 20 2022 2:17 PM
‎Jul 20 2022 2:17 PM
That is interesting to know! ... View more

Re: Assign IP/subnet based on password

by in Wireless
‎Jul 18 2022 12:38 PM
‎Jul 18 2022 12:38 PM
@RaphaelL nailed it. ... View more

Re: Routing RFC 1918 addresses

by in Security & SD-WAN
‎May 3 2022 1:51 PM
‎May 3 2022 1:51 PM
One caveat: LAN interfaces will not do DHCP relay to subnets not on the LAN. Which is fine because your DHCP server/s should usually never be anywhere else.  ... View more

Re: Allowing Inbound Traffic on MX

by in Security & SD-WAN
‎Apr 30 2022 12:13 PM
‎Apr 30 2022 12:13 PM
I know this is old, but you have to call Meraki and have them enable the inbound firewall rules.       ... View more

Re: Guide to VPN Failover With An MX to ASA?

by Kind of a big deal in Security & SD-WAN
‎Apr 27 2022 1:48 PM
3 Kudos
‎Apr 27 2022 1:48 PM
3 Kudos
You can only do it using IKEv1.  Cisco removed the functionality for IKEv2.   All you do on the "set peer" line is add a second IP address - your WAN2 IP address. https://community.cisco.com/t5/vpn/backup-peer-ip-configuration-on-site-to-site-vpn-between-asa/td-p/2303494    Thinking about it more, you could use IKEv2, but put the ASA into responder mode only (so it won't attempt to build the VPN), and authenticate based on an identify presented by IKEv2 on the MX.   Search for "remote id" in this article: https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-Site_VPN_Settings  ... View more
© 2025 Cisco Systems, Inc.