The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About hmc250000
hmc250000

hmc250000

Getting noticed

Member since Dec 5, 2019

‎06-12-2023
Kudos from
User Count
redsector
redsector
3
Sanderan
Sanderan
1
PhilipDAth
Kind of a big deal PhilipDAth
2
80hd
80hd
1
cmr
Kind of a big deal cmr
1
View All

Community Record

71
Posts
8
Kudos
0
Solutions

Badges

CMNO
50 Posts
25 Posts
First 5 Posts View All
Latest Contributions by hmc250000
  • Topics hmc250000 has Participated In
  • Latest Contributions by hmc250000
  • « Previous
    • 1
    • 2
  • Next »

non Meraki VPN without AuTO VPN?

by hmc250000 in Security / SD-WAN
‎06-12-2023 08:23 AM
‎06-12-2023 08:23 AM
Is there a way to turn off auto VPN when you configure a site to site VPN on a Meraki appliance with a non meraki peer? ... View more

Re: Adding L3 switch in site and need to change ip address remotely

by hmc250000 in Switching
‎03-01-2023 02:29 PM
‎03-01-2023 02:29 PM
Change the switches management interface configuration so that it is pointing at the new Internet circuit. It should come back online in the dashboard after this. You should see it checking in from the new public IP address.     Can we change the ip address of the switch after the ISP router's ip address has changed? How will the switch access the internet after the IP change on the ISP router?    Can I change the switch it's management ip locally from the LAN? This is in case I can get access to a machine on the local LAN.     ... View more

Adding L3 switch in site and need to change ip address remotely

by hmc250000 in Switching
‎03-01-2023 11:19 AM
‎03-01-2023 11:19 AM
We are adding a L3 switch in a site.  The ISP WAN router was routing for the site.  We would like to reassign the ISP router's ip address to a new vlan interface on our L3 switch so we don't have to change the gateway of the client machines. We have no remote hands support for the site. What is the proper way of changing the ip address remotely so we don't loose connectivity? ... View more
Labels:
  • Labels:
  • Interfaces
  • Layer 3

Re: ACL rules traffic between DMZ to LAN

by hmc250000 in Security / SD-WAN
‎01-30-2023 07:50 AM
‎01-30-2023 07:50 AM
Yes makes sense. Thanks.   ... View more

Re: ACL rules traffic between DMZ to LAN

by hmc250000 in Security / SD-WAN
‎01-30-2023 06:53 AM
‎01-30-2023 06:53 AM
how would you configure this on a Meraki MX? > Allowing only to be initiated from one side is purely done with the ACL. ... View more

Re: ACL rules traffic between DMZ to LAN

by hmc250000 in Security / SD-WAN
‎01-30-2023 06:23 AM
‎01-30-2023 06:23 AM
? severely wrong? You could have a need to assign an already used subnet for an external site2site VPN for example. I can think of several instances where this is helpful. in smaller networks you probably will not have to deal with this. cisco is more flexible when it comes to these type of configurations. ... View more

Re: ACL rules traffic between DMZ to LAN

by hmc250000 in Security / SD-WAN
‎01-26-2023 10:58 AM
‎01-26-2023 10:58 AM
I would prefer the connection to initiate traffic from one side only. Besides that you could easily integrate with the rest of the network without having to worry about ip address overlaps. ... View more

Re: ACL rules traffic between DMZ to LAN

by hmc250000 in Security / SD-WAN
‎01-26-2023 06:55 AM
‎01-26-2023 06:55 AM
We use private ip addresses in the DMZ. Is it possible to NAT (1 to many) between the DMZ and LAN using private ip addresses?   Maybe I'm missing something but from what I see so far the NAT rules either have to include public ip address or internet connection.  ... View more

Re: ACL rules traffic between DMZ to LAN

by hmc250000 in Security / SD-WAN
‎01-25-2023 01:17 PM
‎01-25-2023 01:17 PM
I think I found what I need but any other resources are welcome.   https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/Creating_a_DMZ_with_the_MX_Security_Appliance ... View more

ACL rules traffic between DMZ to LAN

by hmc250000 in Security / SD-WAN
‎01-25-2023 01:10 PM
‎01-25-2023 01:10 PM
Is there a way to lock down machines sitting in the DMZ but still allow them to authenticate on the LAN by allowing traffic to specific destinations and ports? These rules need apply only to traffic between DMZ and LAN. ... View more
Labels:
  • Labels:
  • ACLs
  • Firewall

Re: updating phone number for multi factor Meraki account

by hmc250000 in Security / SD-WAN
‎10-19-2022 07:47 AM
‎10-19-2022 07:47 AM
I was not able to access my profile so support had to temporarily disable 2fa so I could update my phone #. .  ... View more

updating phone number for multi factor Meraki account

by hmc250000 in Security / SD-WAN
‎10-07-2022 01:04 PM
‎10-07-2022 01:04 PM
How do we update the phone number for  aMeraki account configured with multi factor authentication? do we have to remove and recreate the account?  ... View more

client and server network segmentation

by hmc250000 in Security / SD-WAN
‎07-18-2022 08:52 AM
‎07-18-2022 08:52 AM
What would be the best way to segment clients from servers across several departments (Lan and WAN) globally? What Meraki hardware would be recommended? I would assume traditional firewalls are too slow?    Can Cisco ISE be used along with Meraki switches? Not sure if Cisco ISE can really help with segmenting a LAN/WAN. ... View more

Re: Mixed vendor wireless environment with single SSID?

by hmc250000 in Wireless LAN
‎04-07-2022 10:29 AM
‎04-07-2022 10:29 AM
Makes sense. Thanks. ... View more

Re: Mixed vendor wireless environment with single SSID?

by hmc250000 in Wireless LAN
‎04-07-2022 10:14 AM
‎04-07-2022 10:14 AM
We will need roaming to work.  ... View more

Mixed vendor wireless environment with single SSID?

by hmc250000 in Wireless LAN
‎04-07-2022 09:42 AM
‎04-07-2022 09:42 AM
Can you have a mixed vendor wireless environment (Meraki/Extreme) with a single SSID?One of our sites has 150 AP's and we're not sure if we would be able to replace all in one shot because they are 24x7 and have a very small maintenance window. ... View more

udld between cisco and meraki switches

by hmc250000 in Switching
‎03-10-2022 02:02 PM
‎03-10-2022 02:02 PM
Does anyone know if udld plays nice between a cisco and meraki switch? Using multi mode SFP's?    the MEraki is set to alert only and the cisco side is set to aggressive mode but keeps going into errdisabled mode.    It seems to work fine between cisco switches. ... View more

Re: client VPN on MX not working behind firewall NAT

by hmc250000 in Security / SD-WAN
‎02-24-2022 01:53 PM
‎02-24-2022 01:53 PM
ahh interesting, thanks. ... View more

client VPN on MX not working behind firewall NAT

by hmc250000 in Security / SD-WAN
‎02-24-2022 11:02 AM
‎02-24-2022 11:02 AM
We have a site with a Meraki MX that site to site VPNs and client VPN behind another firewall that Nat's the traffic to the MX. the site to site VPN's work however not the client VPN. Any ideas what may prevent the client VPN to work? I would assume if site to site VPN works that the outside is able to reach the MX on ports UDP 500 and UDP 4500. ... View more

Warm Spare HA failover LAN side

by hmc250000 in Security / SD-WAN
‎02-03-2022 01:51 PM
‎02-03-2022 01:51 PM
How does the HA warm spare failover work on the LAN side? I understand we can configure a virtual ip for the HA MX's, so the ISP routers can configure the virtual ip address for their routes for our internal network. We configure the L3 switches with a default route pointing to the LAN ip address of the primary MX. How would this failover to the standby if no virtual ip address is configured for the LAN side? Do we manually have to change the ip address for the MX's LAN interface?   ... View more

Re: SDWAN Site to site Outbound firewall rules

by hmc250000 in Security / SD-WAN
‎11-18-2021 01:29 PM
‎11-18-2021 01:29 PM
My goal is to deny access from all other Meraki SDWAN sites (192.168.0.0/16) to sites 192.168.1.x and 192.168.2.x.    So I guess I would have to create a explicit deny rule from source 192.168.x.x/16 to 192.168.1.x and 192.168.2.x? ... View more

SDWAN Site to site Outbound firewall rules

by hmc250000 in Security / SD-WAN
‎11-18-2021 01:19 PM
‎11-18-2021 01:19 PM
Assume you add these new rules for site to site VPNs:  allow source 192.168.1.x destination 192.168.2.x allow source 192.168.2.x destination 192.168.1.x   there are no explicit rules defined other than the allow Default rule (Any, Any, Any, Any)   Will other sites in the SDWAN be able to communicate with sites 192.168.1.x and/or 192.168.2.x? ... View more

Re: High Rate of STP topology changes on port

by hmc250000 in Switching
‎11-18-2021 01:12 PM
‎11-18-2021 01:12 PM
Sorry I hope I'm not missing anything here. RSTP Meraki is the same thing as rapid-pvst in cisco right? I assume they are compatible? ... View more

Re: High Rate of STP topology changes on port

by hmc250000 in Switching
‎10-14-2021 08:43 AM
‎10-14-2021 08:43 AM
Access points are plugged into those ports. The AP's worked fine when they were plugged into the Cisco switches.   ... View more

Re: High Rate of STP topology changes on port

by hmc250000 in Switching
‎10-13-2021 10:15 AM
‎10-13-2021 10:15 AM
Yes, the root bridge has a lower priority and is the core switch in the Cisco network. The bridge settings in the Meraki switch settings were not changed. We cannot change it to a cisco switch anyway.  Sorry failed to mention we have plugged in 2 Meraki switches. Both are connected to separate cisco switches on the edge.   These are the latest events I'm seeing.   7 12:45:06   Port STP change Port 13 designated→disabled Oct 7 12:45:06   Port status change port: 13, old: 1Gfdx, new: down Oct 7 12:44:48   Port STP change Port 13 disabled→designated Oct 7 12:44:48   Port status change port: 13, old: down, new: 1Gfdx Oct 7 12:44:25   Port STP change Port 7 disabled→designated Oct 7 12:44:25   Port status change port: 7, old: down, new: 1Gfdx Oct 7 12:44:25   Port STP change Port 5 disabled→designated Oct 7 12:44:25   Port status change port: 5, old: down, new: 1Gfdx Oct 7 12:44:25   Port STP change Port 2 disabled→designated Oct 7 12:44:25   Port status change port: 2, old: down, new: 1Gfdx Oct 7 12:44:24   Port STP change Port 1 disabled→designated Oct 7 12:44:24   Port status change port: 1, old: down, new: 1Gfdx Oct 7 12:44:21   Port STP change Port 7 designated→disabled Oct 7 12:44:21   Port status change port: 7, old: 1Gfdx, new: down Oct 7 12:44:21   Port STP change Port 5 designated→disabled Oct 7 12:44:21   Port status change port: 5, old: 1Gfdx, new: down Oct 7 12:44:21   Port STP change Port 2 designated→disabled Oct 7 12:44:21   Port status change port: 2, old: 1Gfdx, new: down Oct 7 12:44:20   Port STP change Port 1 designated→disabled Oct 7 12:44:20   Port status change port: 1, old: 1Gfdx, new: down Oct 7 12:44:10   Port STP change Port 3 disabled→designated Oct 7 12:44:10   Port status change port: 3, old: down, new: 100fdx Oct 7 12:44:07   Port STP change Port 3 designated→disabled Oct 7 12:44:07   Port status change port: 3, old: 100fdx, new: down Oct 7 12:44:01   Port STP change Port 7 disabled→designated Oct 7 12:44:01   Port status change port: 7, old: down, new: 1Gfdx Oct 7 12:44:01   Port STP change Port 5 disabled→designated Oct 7 12:44:01   Port status change port: 5, old: down, new: 1Gfdx Oct 7 12:44:01   Port STP change Port 1 disabled→designated Oct 7 12:44:01   Port status change port: 1, old: down, new: 1Gfdx ... View more
  • « Previous
    • 1
    • 2
  • Next »
Kudos from
User Count
redsector
redsector
3
Sanderan
Sanderan
1
PhilipDAth
Kind of a big deal PhilipDAth
2
80hd
80hd
1
cmr
Kind of a big deal cmr
1
View All
My Top Kudoed Posts
Subject Kudos Views

Re: client VPN cannot access non meraki site to site VPN

Security / SD-WAN
3 875

Re: High Rate of STP topology changes on port

Switching
1 9913

Re: High Rate of STP topology changes on port

Switching
1 9927

Re: High Rate of STP topology changes on port

Switching
1 9943

Re: VPN clients subnet

Security / SD-WAN
1 2277
View All
Powered by Khoros
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Cookies
  • Terms of Use
© 2023 Meraki