Within Security & SD-WAN > Routing, Outbound community string and Inbound route filter is now available within eBGP peers in the Route control section: ... View more

Ok, thank you. ... View more

To my understanding the size of an IP prefix doesn't impact STP operation. We are running /22 networks w/o any issue. And having more clients than a /22 can cope, we use several of them and place clients round robin in any of the client VLAN. This needs of course some care to remove clients which are decommisioned and check the amount of registered client in each VLAN.  ... View more

>MX1 has one LAN link to MS A and one LAN link to MS B. Remove the LAN link to MS B. >MX2 also has one LAN link to MS A and one LAN link to MS B. Remove the LAN link to MS A.   ... View more

How many titles are there actually? ... View more

Thank you all for the input!  We do have Entra integration that I have just confirmed so will be exploring that avenue for our BYOD splash page.  Hopefully I won't need to post anymore, fingers crossed!   May you all have wonderful holidays! ... View more

Well a MTU of 1000 on the wireless wouldn't make any sense for that kind of issues. It would break more things than Webex and Teams. TCP TLS packets are (always?) sent with DF bit set, so they would be dropped and nothing would work. ... View more

I believe that this will help you.     https://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-firewalls/215884-configure-a-site-to-site-vpn-tunnel-with.html ... View more

If you want everything on the same VLAN ...   You know how you have an ISP link in each building - what about asking the telco if they can provide you a layer 2 link instead between the buildings? ... View more

I just logged into shard n85 ok.   The status page is not listing any outages. https://status.meraki.net/   ... View more

I don't know the answer.  This is the closest I could find. https://documentation.meraki.com/Platform_Management/SM_-_Endpoint_Management/Operate_and_Maintain/Tags_and_Policies/App_allowing%2F%2Fdenying_list_in_security_policies   ... View more

Make sure your internal network has routes for the client VPN subnet pointing to the MX.  This is a hard requirement. ... View more

...and now we know why. ... View more

Wow!  This is now super compelling. ... View more

This is half-correct: this can be done, but unfortunately, MX100's cannot run MX19 firmware, which is the minimum version needed for routed tunnels w/health checks. ... View more

I dont see a 'domain name' field at all like you see. Here's what mine looks like:   I opened a ticket with Support and they said it's not supported, and that i'll have to upgrade to IOS XE.   Their response: At the moment, DHCP Option 15 (domain name suffix) is not supported on Catalyst Switch (CS) firmware in Meraki-mode. This is a known limitation on CS, and unlike the traditional Meraki MS platforms, CS firmware does not currently provide the ability to configure custom DHCP options, including Option 15. In order to utilize DHCP option 15, the switches would need to be migrated to IOS XE  17.15.4 and later.   ... View more

Top job everyone.     ... View more

Could a Raspberry PI be used ? If so, how ?   Thank you. ... View more

Well, even if we can influence that with GPO, I would not call it really a solution. The unmanaged computers (provided they run Chrome or Edge) would still show by that anonymized IP, and identifying those might actually be more important that IDing the managed ones. MAC based we can still find the device, but that is the only way.   Now, looking at the Chrome ADMX/ADML, which setting you mean? There are three WebRTC settings, and none seem to be exactly this. Maybe as a side effect some will do the trick, but then we would be changing something else as well? I am a bit puzzled here.     A.   ... View more

Hi, good afternoon, My name is Alfredo. And we are having the same problem in MX 19.2.2 AnyConnect does not use DTL, it keeps in TLSv1.3. Was you able to fix the problem? (Meraki recommended upgrade to 19.2.4) ... View more

If you still have the problem i just found and posted a better way to fix them up in this threat. I already fixed 3 switches svg's with this. ... View more

In MV73 Series Datasheet - Cisco Meraki Documentation there is "Heatering ...". But for MV53X documents, I cannot find any hint or information for a MV53X heater. ... View more

We just had a vendor that was adding more Z3s to our environment that accidently selected our main network when adding to our template config for our Z3s, which wiped out the entire config on the MX for that network.  We lost all of our firewall rules, nats, vlans, everything!  And since it was a config change, we had to rebuild all of this manually.    It would have been really nice to have a backup to restore from instead of having to rebuild everything in the middle of the work day.  The solution I came up with is to just create a template from each branch that I can update on a schedule so if this type of thing happens again I would be able to just apply the network to the correct template, let it apply the config from that template.  Then once it is back up and everything is good, I will remove the branch from the template and retain the config.   I hope this works as I have not put this into practice yet but am working on currently. ... View more

Thanks PhilipDAth, very good suggestions but would involve solutions outside of Meraki. I think we'll have to go back to the third party and work something out.   Thanks very much to all who have pitched in to help, very much appreciated!!    ... View more

Hello everyone, I ran a test by modifying the network topology so that the access points can communicate with each other across all switch stacks. Unfortunately, this did not resolve my issue: Apple devices are still regularly losing their Wi-Fi connection. ... View more