It's an ISO 8601 timestamp. ... View more

If you unplug the MR and plug the notebook into the same switch port, can you browse web sites? ... View more

> Ah ok, so do you mean the phone itself uses DSCP?   Yes, that is how it is usually done. ... View more

You should use a flow preference to specify the uplink you would like to use for the VoIP traffic. https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferences#Flow_Preferences    Typically VoIP kit sets the DSCP values.  You shouldn't be needing to overwrite anything.  If this is the case, you should be able to use the default traffic shaping rules.   Note that most ISPs ignore any DSCP values that you set. ... View more

If you only need to get to the management interface on the ISR, only add the second default route. ip route 192.168.102.0 255.255.255.0 10.10.10.254   You would make this much simpler if the ISR used a single interface, or you only attached the MX to one of the interfaces connected to the ISR. ... View more

@MichelRueger , to get features promoted in the Meraki world you need to include use cases.  What would be the use case for faster reporting? ... View more

Where using the co-termination model, so there is only one date ...  I'm guessing you are using per-device? ... View more

> We have been doing packet captures left & right.  Ping traffic shows responses but when we try to load the Citrix website we aren't getting responses back.   If you aren't getting the traffic back, then they are not sending it ... ... View more

This is the datasheet for cloud archive. https://meraki.cisco.com/product-collateral/mv-cloud-archive-datasheet/?file  It says you need a minimum of 1Mb/s of bandwidth per camera.  I can't remember.  I expect this will be related to the recording quality you select.  I'm thinking 1Mb/s would be for one of the lower quality settings.   I have almost half a dozen customers who have put in their Starlink orders (in New Zealand) now.   The sooner you sign up the sooner you'll get it ...   What about using motion alerts with a schedule?  Have the cameras email movement to an email address when no one should be on-site?  Then you are only exporting stills, and only when there is movement.  The bandwidth requirements would be significantly less. We use this approach in our office for security purposes.     ... View more

I've seen a bank block access to those with old unsupported OSs as well. ... View more

Thinking sideways; banks in my part of the world sometimes block you from logging in if you have old browser versions.   Is their software right up to date?  Tried a different browser? ... View more

If you use an MX68 connected to a pair of MG21s, and let it load balance across them, you would probably only need a pair of 600GB plans.   Have you considered using Starlink?  Their plans include unlimited data ... Perhaps you could use both 4G and Starlink to try and cover your bases. ... View more

Do you *really* need to use cloud archive?   Also, you are going to need a 4G connection that can sustain 4Mb/s up, 24x7.  I would not be confident of getting that.  And then if you actually look at any of the cameras, that is going to use even more bandwidth. ... View more

Wouldn't you just use an RMM for that? ... View more

How does SMTP get to the server at the moment?  IP address or port NATed through to it?  If so, use the same approach and NAT tcp/443 through to it.   Otherwise, you could deploy a reverse proxy.  I like using HAProxy, but you can use whatever is your favourite.     None of this has much to do with Systems Manager ... ... View more

I'm going to guess you have asymmetric routing, and one of the firewalls (probably the remote one) is blocking some of the traffic (because it is asymmetric). For example, you might be routing traffic over their router, and they are returning it over the VPN.   Start by disabling the VPN on both ends.  If you are not sure it is disabled on both ends - delete it to make sure.   Routing to the third party router on the inside of the MX is fine.   If you don't make progress, take a packet capture on your end.  Verify you can see the traffic being routed to the third party router, and that you can see the return traffic. ... View more

Are you using bridge mode on the SSID?  You need this to make roaming work without dropping a call. ... View more

Nice setup. ... View more

Is the default gateway for the user the MX? ... View more

You could use multiple StealthWatch probes.   I haven't done it for a while, but last time I used MXs and NetFlow. ... View more

@ww is correct.  This is expected behaviour.   For voip services, we always use SIP/TLS.  Being TCP based on the change over it breaks the TCP session, and forces the phone to make a fresh registration and recover.   See if your provider can support something TCP based.  Ideally SIP/TLS. ... View more