Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Become a member of the Cisco Meraki Community today
Get answers from our community of experts in record time.
Join now- About Einstein
About Einstein
Einstein
Getting noticed
Member since Nov 14, 2019
2 weeks ago
Kudos given to
Community Record
54
Posts
6
Kudos
1
Solution
Badges
2 weeks ago
This is the config I was thinking of. I have never heard of anyone setting it up in this fashion since it is also a repeater. Thank you for the document link!
... View more
2 weeks ago
I know, my description wasn't the best. 1. Is the MR76 installed on the exterior or interior of building A? - Exterior 2. What is the distance between the two buildings? - ±300Ft 3. Are there any windows in building B? - No 4. What is the approximate age of building? - ±6 years Thank you!
... View more
2 weeks ago
True. I was just curious if the 5Ghz could be moved inside, and the 2.4 left outside to continue the connection to the main building. Just did not want to spend the money on another AP that will literally be 20 feet from the outdoor repeater. Thank you!
... View more
2 weeks ago
We have an outdoor MR76, that is also set up as a repeater to another building on campus. The building is made up of metal siding, with cinder block halfway up all around. I have no issue connecting to equipment in that building via the wireless repeater. The MR76 is connected by Cat6 to a Meraki switch inside. With this setup, I can obtain wireless connectivity without any problem while I am outside of the building. As soon as I take a single step into the building, I lose all wireless signal. I know it is because of the makeup of the building. Now for my question. The MR76 has a MA-ANT-23, and a MA-ANT-20 external antenna, without adding another AP inside the building is there any change I can implement to get wireless inside the building. Can one of the antennas be moved inside the building? Can the AP be moved inside, and leave the MA-ANT-23, and MA-ANT-20 outside? Thank you all in advance. I have a feeling the answer will be buy another AP. But I just wanted to check here first.
... View more
Labels:
- Labels:
-
Installation
May 16 2025
6:33 AM
Not a web server, not a proxy. It does run secondary/backup DNS, but our primary has not gone offline, is always reachable. We do have firewall/inbound rules created, nothing forwarded to this server, no NAT. Not sure it would be a bad DNS request, this would get stopped at the client before it hit the DNS server. We have allow/block rules set for our HIP system. The IDS alerts that pop up from this server are not generated internally from a host callup, they are all incoming (from what I can see). I appreciate all the help from everyone. Meraki's response again yesterday was "Our engineers are still investigating this issue, and no timeline to resolution". FYI Today already, no we do not use AWS for anything. Thank you again everyone.
... View more
May 15 2025
8:23 AM
Totally agree with you. Unfortunately, I cannot sit and run through Wireshark logs all day (but I have ran Wireshark on occasion and tried to see packet info, but nothing stood out). We do not rely 100% on the firewall, we do have other solutions to scan and prevent infections and intrusions. But I totally agree, nothing is 100%. Just hard to believe after 5 months of scans/investigations, if the server is infected, nothing has found the infection(s). It has been scanned by several enterprise solutions, none of which has found anything. Thank you for your response.
... View more
May 15 2025
8:14 AM
This URL comes up a lot which is terrifying...lol. It is always blocked, but no idea why DHS is trying to get to one of our servers. vulnscan5.cyhy.ncats.cyber.dhs.gov
... View more
May 15 2025
8:04 AM
Yup, newest firmware, we have everything locked down very tight. The server gets updates from internal WSUS server. It can contact the internet but should not need to. We are a non-profit, so our systems, servers, endpoints are all locked down tight. We do daily scans on everything. Could it be some type of infection, sure anything is possible but highly unlikely. IDS is "intercepting" any attempts, but again the outside world should have no idea this server even exists. I am just frustrated that Meraki says this is unexpected behavior but has kept us on the hook for 5 months now for a solution. Also, no sharing is enabled on this server either. It is not accessible from the network. I disabled ICMP long ago. External IP's in the IDS logs are all over the place, no pattern. Our webserver, which does have external access gets less IDS hits than this server. Maddening. I just have nothing else to try. Thank you for your response, I appreciate it.
... View more
May 15 2025
7:40 AM
I have had a ticket open with Meraki since January....yep you read that right. We have an internal server that has been getting hit externally from a number of IP's. This particular server has no forwarding, the outside world should have no idea about this server. The only response I keep getting from Meraki is "This is unexpected behavior our support team is looking into it". SINCE JANRUARY!!!. I have scanned this server into oblivion to make sure it is not compromised. This server has no additional software installed. It runs 2022 Datacenter and is fully patched. Can ANYONE help me figure this out, as I need an answer, I need to get this resolved. I have had 254 events this week alone, and this has gone on since January. This is just a shot from yesterday and today. Again, this server has nothing forwarded to it, nothing reaching out from it. The world should not know it exists. You all rock, thank you in advance!!
... View more
May 13 2025
7:46 AM
We ran into same issue, same error in MX events. We have a very large Xerox press that scan to email suddenly stopped working. I added our printer as a trusted IP and allowed rule in IDP. Scan to email now works. Will continue to monitor, but it does seem like a false positive in Talos.
... View more
Jan 8 2025
5:55 AM
I do. It is set at 1gig/1gig. Speed is worse today after firmware to 211.4. Now only getting 500/200. I am only one in the office this morning. It is on primary WAN. 20-foot Cat6 from Verizon DMARC to MX250. I have lowered IDP/AMPsettings to see if that had any effect, it did not. Throughput on dashboard says 800, but is that both ways? Tests from Verizon say 800/600. No one is complaining about speed but just trying to stay on top of things. Like many of you, I am a 1-man department managing over 100 Meraki devices......lol Thank you everyone, have a great day.
... View more
Jan 8 2025
5:44 AM
We do have some port forwards for several servers, but nothing forwarded to this server. We run some client VPN connections; NO-NAT is not enabled. No local users have rights to this server. Just very odd that the IP, FQDN of this IDS alert resolves to dhs.gov on AWS. These events were just Monday and yesterday. Nothing today. I did upgrade firmware to 211.4 last night, may have fixed that issue but not our speed issue. Our internet speeds are still very low coming through our MX250. I might open a ticket today. We have gig/gig fiber. Before new firmware we were getting 900/200. Today I am getting 500/200. Not good.
... View more
Jan 7 2025
9:57 AM
Thank you, Ryan. As I wrote to RWelch, I did not know about this feature. I really appreciate you pointing this out. I think you got the reply in first!!!..lol Really appreciate your help!
... View more
Jan 7 2025
9:55 AM
You are the man! I never knew about this feature. Upgrading tonight. This really gives you insight on things coming in the pipeline. I do have the correct speed settings in the SD-WAN & traffic settings menu. Thank you again.
... View more
Jan 7 2025
7:37 AM
I agree and happy, it was blocked. I am puzzled as to how this outside website even knows about this server, as it is totally cut off from the outside world. A little wary it's from DHS.gov.....lol Thank you RWelch, appreciate it!
... View more
Jan 7 2025
7:30 AM
1 Kudo
Nice, thank you. Still looks like it's beta? Ours says it is running latest firmware.
... View more
Jan 7 2025
7:18 AM
We are experiencing same. We have gig/gig fiber on an MX250. No setting out of the ordinary, running amp. We get ±900 down, but only 200up. I have adjusted AMP settings but no change. Running 18.211.2
... View more
Jan 7 2025
7:10 AM
I continue to get this IDS firewall log entry: vulnscan10.cyhy.ncats.cyber.dhs.gov IP/port:100.27.42.250:48534 With event: Apache Log4j logging remote code execution attempt The event is blocked. It is directed to a SINGLE internal server NOT open to the internet. It appears to be a valid website. My concerns are, 1) How does this website even know about this particular server? ........it's rhetorical. 2) Why is it trying to run code on it? again rhetorical. I am just at a loss to this. Server scanned, all clean. It is a new server that was added in the last year, new OS. I cannot find anything in event log on this server that coincides with this, would give any hint as to why something on the outside is trying to get to it. Thank you all in advanced! Anyone else seeing this?
... View more
Nov 27 2023
6:53 AM
Layer 2 would take me an hour to edit out all names...etc. Plus I would need to put it into 3 screen shots. If you want it I'll make it happen, will just take me awhile...lol I don't think this is an accurate L3 picture, as per this topic. Thank you alemabrahao!
... View more
Nov 27 2023
6:38 AM
Running full Meraki infrastructure. When initially set up, "Routed Mode" was chosen by the company that set it up (5 years ago). We have had reporting issues ever since, but I am able to figure out what was actually happening. Now it seems things are getting worse, to the point I cannot figure out routing for some devices. I have routing for some devices showing as going to other buildings (6-7 hops sometimes) on our campus even though they should only have 1 hop to our core stack. I am told to switch to unique client identifier (I have been down this path before). Things I am concerned about. I will lose years of logging...etc. Not sure if this something I need to worry about, but when you hear your losing years of logs.....well ya know 8-). We are running current firmware. I have read some folks have internet speed issues when "Unique client Identifier" is used. Unique client identifier is still listed as "Beta" which concerns me. It has been listed as Beta for over 6 years now. Has me a little concerned. Just wanted the community's thoughts on this. Should I switch y/n?
... View more
Jun 9 2023
9:05 AM
I have not. The community is always my first goto 😉 The repeater is working for one of my SSID's, so I know it's halfway?.....working.....lol I will open a case and post what I find. Thank you everyone again!!!
... View more
Jun 9 2023
6:23 AM
Nothing telling that I can see in the log file (I can see results from all other AP's). Since the repeater has no IP address, it is not even tested by Meraki when I run a manual RADIUS test. All other AP's are seen, and pass. When I try to connect to the repeater with my laptop, the connection sits at "Trying to authenticate". If the auth happens on the gateway, traffic does not seem to be getting forwarded from the repeater to the gateway for this. Since the traffic never gets to the gateway, it never makes it to the RADIUS server, hence nothing in the log. Just more info, we also have an open SSID on this repeater that works fine. I am 1 firmware ver behind. Maybe next week I will rev the AP's to the newest firmware. I will read up on new firmware over the weekend. Thanx again everyone!
... View more
Jun 8 2023
11:05 AM
Gateway auth is working, but when I run the RADIUS test through Meraki, it sees the repeater and fails it. Just trying to see if there was a way to either verify the AP through RADIUS, or just clear the error. Thank you
... View more
Jun 8 2023
10:32 AM
Gateway AP succeeds at RADIUS test, but not meshed repeater. Since the repeater has no IP address, how do I add it to RADIUS list? DNS name does not work either. Cannot seem to find anything on this. Thank you all in advance.
... View more
Would love to, ripping up 100yards of parking lot is not in the budget 😉 Just a single hop, should be ok.
... View more
Kudos given to
My Accepted Solutions
| Subject | Views | Posted |
|---|---|---|
| 10602 | Nov 15 2019 5:03 AM |
My Top Kudoed Posts
© 2025 Cisco Systems, Inc.
