Take a look at this post.  Plug the fibre directly into the MX and configure the MX via the local statyus page. https://www.reddit.com/r/AskIreland/comments/180s7zq/3rd_part_router_help_for_vodafone_broadband/   ... View more

> I assume, dual or single hand off, moving to these connections would be a requirement of going above 1Gbe.    Correct. ... View more

The only other option I can think of is to create either an API script or an Automation that runs every "x" hours and notifies you of any client without a policy assigned.     https://documentation.meraki.com/Platform_Management/Workflows   You would use a "Schedule" workflow. https://documentation.meraki.com/Platform_Management/Workflows/Automation_Rules/Schedule_Rule   If I were doing it, I think I would have it use a WebHook and send the notification to a Microsoft Teams channel. ... View more

How far away is the nearest airport? ... View more

If you have any other internal Meraki devices, such as an MR or an MS - you could do the ping from those. ... View more

I'm going to take a different strategy.   Ask the ISP performing the upgrade whether they can provide a pair of SFP+ ports in a bridge configuration to connect the primary and backup firewalls.  It will be easier for you if they take this on. If they are not keen, ask them what they would charge to provide this service.   Otherwise, I think the MS130-24X is the lowest spec Meraki switch that has 4 SFP+ ports (you need three ports). https://documentation.meraki.com/Switching/MS_-_Switches/Product_Information/Overviews_and_Datasheets/MS130_Datasheet   Also, do you have a 10Gbe connection between the MX95 and your 6509?     ... View more

What country are you in?  What type of Internet circuit is this?   Can you plug your Internet circuit directly into the MX, and get rid of the ISP router?  You'll need to configure the MX's WAN port to match the ISP's requirements. ... View more

Haha.  I can just imagine the licence tiers.  ... View more

Ask whoever you bought the firewall from for a licence renewal.   Search for "What happens when I reach my co-termination date?". https://documentation.meraki.com/Platform_Management/Product_Information/Licensing/Meraki_Licensing_FAQs     ... View more

Maybe a year ago, Microsoft changed Credential Guard to block SSO for MSCHAPv2.  What you are seeing is now the expected behaviour.   You need to migrate to certificates to stop this.   https://www.keytos.io/blog/cloud-security/microsoft-disabled-ms-chapv2-for-network-sso-credential-guard/   ... View more

Invert your logic - and you have that already.   Assign every device on your network a policy like "checked".  Anything that turns up without that policy has not been checked and is new. ... View more

Site-to-site VPN firewall rules still work.   I don't know about the firewall rules used for Internet access.  I have not had to use it for that case. ... View more

Are you using AutoVPN? ... View more

If you go to the "VPN Status" page, and click in the highlighted circle area, you get a new page with a lot more statistics.     ... View more

I can fix that for £10k. ... View more

Is that definitely a PDL licence - as opposed to a co-term licence? ... View more

As long as you are not using VIP, it won't matter.  Both MXs can go active. ... View more

This will be exactly it. ... View more

I used to do exactly that - now I do everything at once.   All switches download the firmware first, wait 20 minutes to ensure all other switches have finished downloading, and then apply the firmware.   https://documentation.meraki.com/Switching/MS_-_Switches/Product_Information/Compatibility_and_Firmware/MS_Firmware_Upgrades     ... View more

I don't tend to dual-connect MXs.  I have had more HA system outages caused by spanning tree behaviour than by single-port or cable failures. ... View more

This. ... View more

The MG supports a /26 for the LAN (a max of 62 hosts, including itself).   https://documentation.meraki.com/SASE_and_SD-WAN/Cellular/Design_and_Configure/Architecture_and_Best_Practices/MG_Wireless_WAN_Dashboard_Settings#DHCP_Settings   ... View more

To build on the great answer by @RaphaelL : https://documentation.meraki.com/Wireless/Operate_and_Maintain/User_Guides/Radio_Settings/AI_-_RRM ... View more

  The MR Advanced licence also allows "Proactive Packet Capture" to automatically capture packets for clients having an issue. https://documentation.meraki.com/Platform_Management/Dashboard_Administration/Troubleshooting_and_Support/Troubleshooting/Packet_Capture_Overview#Intelligent_captures       ... View more

Make sure the SSID is configured for bridge mode (if you change this, you'll need to reboot your WiFi devices).  Don't use NAT mode.  As @Mloraditch noted, you may also need to enable Bonjour forwarding.     ... View more