Did you get the worldwide version (model numbers ends in -WW) or the US only version (model number ends in -NA)?   Check out the difference in bands supported. https://meraki.cisco.com/lib/pdf/meraki_datasheet_MG21.pdf  ... View more

The SIM card isn't locked to a specific device is it?  Some telcos in some countries sell discounted devices and lock the SIMs to prevent users using them in something else. ... View more

> Per SSID band selection ignores "Disable 802.11ax checkmark"   I'm thinking no.  The beacon packet advertises the capabilities (aka WiFi6) and the SSIDs offered.  I don't think the capabilities are specified per SSID in that beacon. Not 100% sure. ... View more

Complete control through the SIM card You can control the device via cellular data.  Is that what you mean?  The degree of control depends on the platform and what mode it is enrolled in.   WhatsApp backup (view & export) on personal & corporate phones No.   Call logs from the phones No. SMS (view and backup) No. Remote wiping (full and partial) If in Device Owner mode or supervised mode, depending on platform.   Cross-platform support (iOS & Android) Yes. Control SIM 1 or SIM 2 on 1 device I don't know what you mean. Integration to SAP (ERP Solution) No. Device backup and ability to view, extract & transfer No. ... View more

Typically the phone system you are connecting to does the provisioning, as @UCcert  says.  You don't normally have to provide any on-site infrastructure for cloud telephony. ... View more

You would have to use NetFlow. https://documentation.meraki.com/MX/Monitoring_and_Reporting/NetFlow_Overview  ... View more

What kind of VPN traffic is this, AutoVPN, client VPN or non-Meraki VPN. ... View more

Once you have bluetooth enabled you should see it.  You don't need to assign a major/minor number for your application. https://documentation.meraki.com/MR/Bluetooth/Bluetooth_Low_Energy_(BLE)#Configuring_Beacons    How often do you beacons emit a "blip"?  If it is only 10 minutes you'll need to wait a while. ... View more

Try checking out all the partner resources. https://www.merakipartners.com/  ... View more

Have you added the kit to a Meraki network (as opposed to just claiming them into your inventory)? ... View more

It's like everyone has been locked away with nothing to do. ... View more

> can I ask you what are the wifi functionalities I would lose with the builtin wifi in an MX?   Reflecting back on it, you'll be able to achieve most of the same things, it'll just be more complicated.   With the MR you can do the splash page handling directly on it.   With an MX you'll need to create an additional VLAN.  Bridge the SSID through to that.  And then configure the splash page on the MX.  You'll need to attach a group policy to the VLAN to implement bandwidth limits as well. You'll need a higher level of skill to pull off something similar.   ... View more

> Question, would putting them in a separate VLAN be needed if I am using NAT mode which restricts clients from communicating with each other?   Typically you set guest wifi so it can't talk to anything internally.  So if you have a device that needs to talk to something internally and you want to keep your SSID count low, it is best to put that into a different VLAN rather than modifying the guest firewall rules to allow a specific IoT device access to something.  Also if you do put it in a guest VLAN it means guest can try and talk to it. I often use an IoT VLAN these days, especially for this purpose. ... View more

Meraki is a global company, and different countries are in different states.   When updates are scheduled should be a matter for the customer to decide, not Meraki.   I've been waiting for a bug fix for the AMP engine to reach "stable release candidate".  It has only just made it into public beta.  I wouldn't want to leave a security issue out there for a customer over the Christmas period.  I'd want to apply it, and I wouldn't want Meraki to hold back on letting me do that. ... View more

I have customers where we block all site to site AutoVPN connectivity with VPN firewall rules.  Perhaps you could consider doing something similar with the VPN firewall rules?   If the backup link is cellular you can use cellular firewall rules. https://documentation.meraki.com/MX/Cellular/3G%2F%2F4G_Cellular_Failover_with_USB_Modems#Cellular_Firewall_Rules_and_Bandwidth_Limits    For AutoVPN, you can set a QoS marker, but AutoVPN itself doesn't do anything with it but pass it along.  You can specify a priority for traffic heading to the Internet, but that is not this case.   having a think about this, I think you would be best to use a custom performance class. https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferences#VPN_Traffic_and_Custom_Performance_Classes You could direct all traffic to use one link, and your card machines to use another, and provide failover.     ps. When I have configured payment gateways in the past - they tend to have two.  So I tend to configure the terminals to use one link to get to the first gateway and the second link to get to the second payment gateway.  Then the terminals can do failover themselves as well.   ... View more

To get good location accuracy the client has to be visible by 4 APs at the same time (aka, very dense).  You need a minimum of 3 APs to get it roughly right. ... View more

Could you post a screenshot of where you are seeing the success data, or say how to get to it? ... View more

Note that unpatched security cameras are the #1 source of IoT based compromises.  Make sure you patch your camera firmware before starting.   As others have said, you could configure a port forward. https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX    A more secure method would be to use client VPN. https://documentation.meraki.com/MX/Client_VPN/Client_VPN_Overview  ... View more

> Create group policies in Meraki that I would then apply to specific devices to allow specific server resources to devices on the "Guest" SSID and bypasses the splash page. (not as easy but more secure?)   I tend to do this, and also use the option to put the device into a different VLAN.   You could also take a look at Trusted Access. https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Trusted_Access_for_Secure_Wireless_Connectivity  ... View more

It only does that if there isn't a subnet included in both ends in AutoVPN between the source and the destination. ... View more