Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Register or Sign in
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
About Ahoste
Ahoste
Getting noticed
Member since Feb 14, 2020
Oct 28 2021
Community Record
32
Posts
14
Kudos
0
Solutions
Badges
Jul 19 2021
1:46 PM
Hmm thanks. I wonder if the ISP would want or be able to do something about that when I provide them with some of these details. I had insight a while ago running as a trial but never had the time to set it up properly and dig into it. I'll check with our rep. and maybe give it another shot to get some more info. Thanks for you help and ... insight! lol
... View more
Jul 19 2021
1:26 PM
But how would you explain that it doesn't have this with Google? A rule to priorities traffic to Google's DNS? Would I need to have some packet generator + packet capture to actually see what's going on? Or is there a way via Meraki dashboard to find what's happening? thanks for your insight.
... View more
Jul 19 2021
8:36 AM
Just added these, let's wait and see. Cheers
... View more
Jul 19 2021
4:04 AM
Hi, I recently added Cloudflare address to test the connectivity of some networks. We have this one network where users say they occasionally are without internet, I figured probably the provider. Looking at the ping history of this network with 8.8.8.8 as destination it all seems well within normal numbers. Looking at the 1.1.1.1 destination however I see huge spikes/waves of around 20% loss between 08:00h and 00:00h. Since the google ping history seems fine I can't blame the intermittent drops on the provider. Anyone that has seen this before? Or should I try with a different destination address and see what that gives?
... View more
Jun 23 2021
1:24 AM
Hi, I was wondering if it's possible to use Google Authentication to authenticate users for the client VPN. We're using Google Auth as wifi authentication which works ... allright. Not great experience on phones because with 2FA enabled on our google accounts it makes the phone go to gmail to allow the login attempt and then you lose the splash page for the wifi so then you have to go to the gateway ip in safari. not great but works fine for laptops etc. Anyway I was hoping this would work for client VPNs as currently only Meraki auth, radius or AD are available. I want to avoid 3rd parties for radius services etc. I just want the same wifi auth in the client VPN setup. Any ideas? Or am I asking too much from a €5k firewall? 😉
... View more
May 17 2021
3:49 AM
Currently running it in Beta: MG 1.10, I was hoping it would solve it but it didn't.
... View more
May 17 2021
1:54 AM
Hi, Yes, they first told me to check with the carrier, which I did. (no blocks) Then next step was call them when an issue is ongoing. The problem is that this is in another country, and also that the Network cabinet is not easy reachable, it's put 3m off the ground. Power cycling the MG re-establishes the connection. But again, not easy reachable so they just powercycle all devices that are on the main switch to the patchcabinet (modem, MX, switch,...) so not the best solution. Just not really what we expected and want from a crazy expensive 'backup system'. Our 60 euro Huawei dongles work better than this 600 euro + license MG.
... View more
May 14 2021
4:57 AM
We are using an MG21e and MX67 in a combined network. Lan2 port on the MX is configured as a secondary WAN (Standby) and goes to a POE injector first before going into port 1 of the MG. Over the last 3 months we've had the MG go offline 14 times and counting. (only started counting after we setup webhooks) Meraki support told me that it might be some blocked ports, but after checking with the provider they confirmed that there are no blocks or restrictions of any kind. When it's connected to the network it also seems to have a pretty good connection 66,3Mbps. The really weird thing is that the connection loss seems to happen right around the same time. Same for it coming back online, happens around same time of day. Anybody has any idea or other steps to take? Meraki support told me to call when I'm on site but problem is that this is in a retail location in some distant country that I not need to visit very often.
... View more
Oct 22 2020
7:12 AM
Hi, I started a case with Cisco Meraki about this disappearance. I asked them if this feature was omitted with a firmware. The support agent told me: "No, not that I can tell. The feature is completely stripped away" Cisco, Never fails to amaz... disappoint you!
... View more
Oct 21 2020
3:36 AM
Hi, I'm currently trying to replace our traditional 'above the door' counters with the MV12 or MV32. I'm trying to setup the API calls to populate our dataserver with the count. I just want to receive the door count but I only see the MV sense API calls, so does one need the MV sense license just to be able to get this simple statistic or is there another API call I can make to get this data? Thanks already! cheers
... View more
Oct 14 2020
12:28 PM
Hi, Current version of the Z3: MX 15.36 Very disappointing. We were thinking of using the MG as a backup on port 2 on +60 sites, guess that won't be happening anytime soon. Our Z3's finally stopped randomly breaking down, now this...
... View more
Oct 14 2020
4:55 AM
3 Kudos
Hi, I am trying to accomplish this right now with a Z3. However on the local status page I can't seem to find the option anymore. We're trying to expand our Z3's with an MG as well on a second WAN port. I vaguely remember that I was able to toggle this a couple of months ago on a Z3 but when I tried to do it today, pooof gone. Did they suddenly decide that this option was too good for their Z3's? Forcing to go with an MX68 or something alike? They also made a note in their documentation of the Z3, explicitly stating that no second port can be toggled for a WAN port. Which also suggests that is was something that used to be possible. Cheers.
... View more
Oct 8 2020
6:57 AM
Hi Thanks for the info. However when I connect over VPN using the hostname and then check my public IP it shows the WAN 2 public IP. Wan 1 is working just fine so there would be no reason to failover. Cheers
... View more
Oct 8 2020
6:09 AM
Hi, We have an MX250 with 2 WAN connections and the load balancing setting enabled. WAN 1 is a fiber with a lot less latency (1ms) and 200 down & 200 up. WAN 2 is an COAX with higher latency (10ms) and 650 down but only 50 up. So when clients connect over the client VPN do I want them to connect by using WAN 1 static ip or do i give them the serveraddress assigned by Meraki and let Meraki do the loadbalancing? will it take the latency into account? Any insight is much appreciated. cheers
... View more
Sep 30 2020
12:55 AM
hi @abdunin I still see the authentication error in wireless health, but like someone said above, this is in the release notes that successful ones might show up as failed ones. even in the new firmware. however on 1 site where they were having lots of issues they told me that it's been more stable lately. I haven't noticed any drawback from the latest firmware upgrade either so it might be worth it to push and try the update. Cheers
... View more
Sep 24 2020
2:08 PM
2 Kudos
We upgraded our MR42's to 27.5. so now we're waiting patiently for tickets to (not) come in.
... View more
Sep 18 2020
7:47 AM
1 Kudo
Hi We have about +-66 Z3's that we use for retail sites. They're being used together with MR42's or MR33's. +- 20 devices on a network. For the past months (almost as soon as we started rolling them out over a year ago) we started to have problems with them. They would go completely offline and stop 'responding' on all utp ports of the device. No green lights above the ports, no DHCP, no local status page, resetting didn't work. I went through plenty of troubleshooting with Meraki Support to no avail. Cisco sending a new device with RMA is the only way to 'resolve' this. So this week we reached 50% of failing Z3's quite frustrating and disappointing. Our account manager let us know that in the firmware 15.36 this issue should be resolved. This is still beta so not very keen on upgrading just yet. However i was wondering if other people are experience a similar problem? cheers
... View more
Sep 17 2020
3:00 AM
Hi George, I was having the same issue lately. using MR42's as well on firmware MR 26.8.1 Password didn't change or anything, we also push the password via our management system (Jamf Pro) and we haven't changed anything there either. so this problem came out of nowhere (so it seems). we have it across all our +60 sites. are you still experiencing this?
... View more
Aug 25 2020
2:29 AM
Hi Densy, thanks for the reply. so I just did a test with a 30 minute splash frequency. so the user would have to login every 30 minutes with his google account. So i tried this on my device, once i'm signed in and authenticated i'm assigning the user a group policy that bypasses the splash page. That way i try to maintain security because they still have to login before they can use the wifi but once signed in i assign them that bypass policy so they wil never have to sign in again. it looks like this now: so after the 30 minutes it says not authorized but i can still see the user that originally signed in. which is what my goal was in the first place, so all good there. But now my million dollar question is: How long will Meraki remember the user that originally signed in via the splash page?
... View more
Aug 24 2020
12:19 AM
Hi, Thanks for the reply. I figured that meraki would remember that it applied that grouppolicy until i manually forget the client but will it also remember the user that authenticated once in the beginning even after those 90+ days? cheers
... View more
Aug 20 2020
10:09 AM
Hi, is there still no solution to this? we use meraki authentication for VPN access and there still seems no pre-applied policy available. in the client list however the already connected clients are visible. Like you suggested I applied a policy to that user once logged in. but the grouppolicy is not overriding the layer 3 policies on the client vpn page. Did this ever work on your network? cheers
... View more
short update, the assigning a policy pré-splash page like a did here doesn't work either. it worked a couple of times where the splashpage just said successful and u would click done and you'd be connected. those times must've been flukes because now on my iphone it still shows the splashpage and asks me to log in. shame
... View more
Aug 19 2020
8:56 AM
1 Kudo
Hi all, We are using Google authentication via splash page for our staff in our HQ. this was all working (relatively) fine until we forced 2FA for all our users out for security reason. now this is still fine for them to authenticate on laptops/macbooks but when they want to authenticate on an iphone that is also their 2FA device it will ask them to go to google mail app or text app to allow the login attempt. once they go to another app it stops the authentication process on the phone and you have to start from scratch, sending you in loops unless you try to connect without authenticating and then do the process in safari on the iphone which will not stop the authentication process when going to another app to allow the login. but obviously that is not something we can ask our staff to do. I blame Apple for this. anyhow i found a workaround that applies a policy based: The 'mobile device' policy then bypasses the splash page. and assigns the device to our guest VLAN so they have less access to the network since they don't have to authenticate. Does anybody have another 2FA workaround or are there any flaws to this workaround? thanks in advance, cheers
... View more
Aug 19 2020
8:10 AM
Hi all, We have 1 SSID where users need to login with their 3rd party credentials of their Google accounts from the company. we're loving this feature since we can easily see who is on which device. Tho the authentication method was broken on mobile devices because they can't confirm the 2FA on the same device that is trying to login on the splash page since going to gmail stops the logging in process on the splash page. however that problem is going to be a different topic. What i'm trying to accomplish is that our users only see the once splash page ever... not even after 90 days. I feel like i figured it out with a grouppolicy that i'm going to have to assign to each user after they have authenticated. The policy has the 'bypass' splash page enabled. I was wondering if this is a good/safe workaround and also how long will Cisco Meraki remember the user that originally authenticated? will it be the duration of the splash page frequency (3 months) or will it remember it until we forget the client? Below you can see what it looks like when a client authenticated and then when I apply the grouppolicy after. any thoughts are much appreciated
... View more
My Top Kudoed Posts
| Subject | Kudos | Views |
|---|---|---|
| 5 | 11715 | |
| 3 | 12384 | |
| 2 | 19437 | |
| 1 | 1618 | |
| 1 | 1374 |
© 2024 Cisco Systems, Inc.
