Register or Sign in
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About hmc250000
Community Record
71
Posts
8
Kudos
0
Solutions
Badges
06-12-2023
08:23 AM
Is there a way to turn off auto VPN when you configure a site to site VPN on a Meraki appliance with a non meraki peer?
... View more
Change the switches management interface configuration so that it is pointing at the new Internet circuit. It should come back online in the dashboard after this. You should see it checking in from the new public IP address. Can we change the ip address of the switch after the ISP router's ip address has changed? How will the switch access the internet after the IP change on the ISP router? Can I change the switch it's management ip locally from the LAN? This is in case I can get access to a machine on the local LAN.
... View more
We are adding a L3 switch in a site. The ISP WAN router was routing for the site. We would like to reassign the ISP router's ip address to a new vlan interface on our L3 switch so we don't have to change the gateway of the client machines. We have no remote hands support for the site. What is the proper way of changing the ip address remotely so we don't loose connectivity?
... View more
Labels:
- Labels:
-
Interfaces
-
Layer 3
01-30-2023
06:53 AM
how would you configure this on a Meraki MX? > Allowing only to be initiated from one side is purely done with the ACL.
... View more
01-30-2023
06:23 AM
? severely wrong? You could have a need to assign an already used subnet for an external site2site VPN for example. I can think of several instances where this is helpful. in smaller networks you probably will not have to deal with this. cisco is more flexible when it comes to these type of configurations.
... View more
01-26-2023
10:58 AM
I would prefer the connection to initiate traffic from one side only. Besides that you could easily integrate with the rest of the network without having to worry about ip address overlaps.
... View more
01-26-2023
06:55 AM
We use private ip addresses in the DMZ. Is it possible to NAT (1 to many) between the DMZ and LAN using private ip addresses? Maybe I'm missing something but from what I see so far the NAT rules either have to include public ip address or internet connection.
... View more
01-25-2023
01:17 PM
I think I found what I need but any other resources are welcome. https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/Creating_a_DMZ_with_the_MX_Security_Appliance
... View more
01-25-2023
01:10 PM
Is there a way to lock down machines sitting in the DMZ but still allow them to authenticate on the LAN by allowing traffic to specific destinations and ports? These rules need apply only to traffic between DMZ and LAN.
... View more
10-19-2022
07:47 AM
I was not able to access my profile so support had to temporarily disable 2fa so I could update my phone #. .
... View more
10-07-2022
01:04 PM
How do we update the phone number for aMeraki account configured with multi factor authentication? do we have to remove and recreate the account?
... View more
07-18-2022
08:52 AM
What would be the best way to segment clients from servers across several departments (Lan and WAN) globally? What Meraki hardware would be recommended? I would assume traditional firewalls are too slow? Can Cisco ISE be used along with Meraki switches? Not sure if Cisco ISE can really help with segmenting a LAN/WAN.
... View more
04-07-2022
10:29 AM
Makes sense. Thanks.
... View more
04-07-2022
10:14 AM
We will need roaming to work.
... View more
04-07-2022
09:42 AM
Can you have a mixed vendor wireless environment (Meraki/Extreme) with a single SSID?One of our sites has 150 AP's and we're not sure if we would be able to replace all in one shot because they are 24x7 and have a very small maintenance window.
... View more
03-10-2022
02:02 PM
Does anyone know if udld plays nice between a cisco and meraki switch? Using multi mode SFP's? the MEraki is set to alert only and the cisco side is set to aggressive mode but keeps going into errdisabled mode. It seems to work fine between cisco switches.
... View more
02-24-2022
01:53 PM
ahh interesting, thanks.
... View more
02-24-2022
11:02 AM
We have a site with a Meraki MX that site to site VPNs and client VPN behind another firewall that Nat's the traffic to the MX. the site to site VPN's work however not the client VPN. Any ideas what may prevent the client VPN to work? I would assume if site to site VPN works that the outside is able to reach the MX on ports UDP 500 and UDP 4500.
... View more
02-03-2022
01:51 PM
How does the HA warm spare failover work on the LAN side? I understand we can configure a virtual ip for the HA MX's, so the ISP routers can configure the virtual ip address for their routes for our internal network. We configure the L3 switches with a default route pointing to the LAN ip address of the primary MX. How would this failover to the standby if no virtual ip address is configured for the LAN side? Do we manually have to change the ip address for the MX's LAN interface?
... View more
11-18-2021
01:29 PM
My goal is to deny access from all other Meraki SDWAN sites (192.168.0.0/16) to sites 192.168.1.x and 192.168.2.x. So I guess I would have to create a explicit deny rule from source 192.168.x.x/16 to 192.168.1.x and 192.168.2.x?
... View more
11-18-2021
01:19 PM
Assume you add these new rules for site to site VPNs: allow source 192.168.1.x destination 192.168.2.x allow source 192.168.2.x destination 192.168.1.x there are no explicit rules defined other than the allow Default rule (Any, Any, Any, Any) Will other sites in the SDWAN be able to communicate with sites 192.168.1.x and/or 192.168.2.x?
... View more
11-18-2021
01:12 PM
Sorry I hope I'm not missing anything here. RSTP Meraki is the same thing as rapid-pvst in cisco right? I assume they are compatible?
... View more
10-14-2021
08:43 AM
Access points are plugged into those ports. The AP's worked fine when they were plugged into the Cisco switches.
... View more
10-13-2021
10:15 AM
Yes, the root bridge has a lower priority and is the core switch in the Cisco network. The bridge settings in the Meraki switch settings were not changed. We cannot change it to a cisco switch anyway. Sorry failed to mention we have plugged in 2 Meraki switches. Both are connected to separate cisco switches on the edge. These are the latest events I'm seeing. 7 12:45:06 Port STP change Port 13 designated→disabled Oct 7 12:45:06 Port status change port: 13, old: 1Gfdx, new: down Oct 7 12:44:48 Port STP change Port 13 disabled→designated Oct 7 12:44:48 Port status change port: 13, old: down, new: 1Gfdx Oct 7 12:44:25 Port STP change Port 7 disabled→designated Oct 7 12:44:25 Port status change port: 7, old: down, new: 1Gfdx Oct 7 12:44:25 Port STP change Port 5 disabled→designated Oct 7 12:44:25 Port status change port: 5, old: down, new: 1Gfdx Oct 7 12:44:25 Port STP change Port 2 disabled→designated Oct 7 12:44:25 Port status change port: 2, old: down, new: 1Gfdx Oct 7 12:44:24 Port STP change Port 1 disabled→designated Oct 7 12:44:24 Port status change port: 1, old: down, new: 1Gfdx Oct 7 12:44:21 Port STP change Port 7 designated→disabled Oct 7 12:44:21 Port status change port: 7, old: 1Gfdx, new: down Oct 7 12:44:21 Port STP change Port 5 designated→disabled Oct 7 12:44:21 Port status change port: 5, old: 1Gfdx, new: down Oct 7 12:44:21 Port STP change Port 2 designated→disabled Oct 7 12:44:21 Port status change port: 2, old: 1Gfdx, new: down Oct 7 12:44:20 Port STP change Port 1 designated→disabled Oct 7 12:44:20 Port status change port: 1, old: 1Gfdx, new: down Oct 7 12:44:10 Port STP change Port 3 disabled→designated Oct 7 12:44:10 Port status change port: 3, old: down, new: 100fdx Oct 7 12:44:07 Port STP change Port 3 designated→disabled Oct 7 12:44:07 Port status change port: 3, old: 100fdx, new: down Oct 7 12:44:01 Port STP change Port 7 disabled→designated Oct 7 12:44:01 Port status change port: 7, old: down, new: 1Gfdx Oct 7 12:44:01 Port STP change Port 5 disabled→designated Oct 7 12:44:01 Port status change port: 5, old: down, new: 1Gfdx Oct 7 12:44:01 Port STP change Port 1 disabled→designated Oct 7 12:44:01 Port status change port: 1, old: down, new: 1Gfdx
... View more
My Top Kudoed Posts
| Subject | Kudos | Views |
|---|---|---|
| 3 | 875 | |
| 1 | 9913 | |
| 1 | 9927 | |
| 1 | 9943 | |
| 1 | 2277 |
