The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About Ahoste
Ahoste

Ahoste

Getting noticed

Member since Feb 14, 2020

‎10-28-2021
Kudos from
User Count
Stephan_W
Stephan_W
1
Foxder
Foxder
2
inputoutput
inputoutput
1
cmr
Kind of a big deal cmr
3
abdunin
abdunin
1
View All
Kudos given to
User Count
PhilipDAth
Kind of a big deal PhilipDAth
1
Hoffmaster1224
Hoffmaster1224
1
Troyee
Troyee
1
Aamir1
Aamir1
1
MerakiDave
Meraki Employee MerakiDave
1
View All

Community Record

32
Posts
14
Kudos
0
Solutions

Badges

ECMS2
First 5 Posts
First 10 Kudos
Lift-Off View All
Latest Contributions by Ahoste
  • Topics Ahoste has Participated In
  • Latest Contributions by Ahoste

Re: High loss pinging Cloudflare but not Google and only during the day

by Ahoste in Security / SD-WAN
‎07-19-2021 01:46 PM
‎07-19-2021 01:46 PM
Hmm thanks.   I wonder if the ISP would want or be able to do something about that when I provide them with some of these details.   I had insight a while ago running as a trial but never had the time to set it up properly and dig into it. I'll check with our rep. and maybe give it another shot to get some more info.   Thanks for you help and ... insight! lol ... View more

Re: High loss pinging Cloudflare but not Google and only during the day

by Ahoste in Security / SD-WAN
‎07-19-2021 01:26 PM
‎07-19-2021 01:26 PM
But how would you explain that it doesn't have this with Google?    A rule to priorities traffic to Google's DNS? Would I need to have some packet generator + packet capture to actually see what's going on?  Or is there a way via Meraki dashboard to find what's happening?   thanks for your insight. ... View more

Re: High loss pinging Cloudflare but not Google and only during the day

by Ahoste in Security / SD-WAN
‎07-19-2021 08:36 AM
‎07-19-2021 08:36 AM
Just added these, let's wait and see. Cheers ... View more

High loss pinging Cloudflare but not Google and only during the day

by Ahoste in Security / SD-WAN
‎07-19-2021 04:04 AM
‎07-19-2021 04:04 AM
Hi,   I recently added Cloudflare address to test the connectivity of some networks. We have this one network where users say they occasionally are without internet, I figured probably the provider. Looking at the ping history of this network with 8.8.8.8 as destination it all seems well within normal numbers. Looking at the 1.1.1.1 destination however I see huge spikes/waves of around 20% loss between 08:00h and 00:00h.   Since the google ping history seems fine I can't blame the intermittent drops on the provider. Anyone that has seen this before? Or should I try with a different destination address and see what that gives?   ... View more

Client VPN with Google Workspace/ Gsuite

by Ahoste in Security / SD-WAN
‎06-23-2021 01:24 AM
‎06-23-2021 01:24 AM
Hi,   I was wondering if it's possible to use Google Authentication to authenticate users for the client VPN. We're using Google Auth as wifi authentication which works ... allright. Not great experience on phones because with 2FA enabled on our google accounts it makes the phone go to gmail to allow the login attempt and then you lose the splash page for the wifi so then you have to go to the gateway ip in safari. not great but works fine for laptops etc.   Anyway I was hoping this would work for client VPNs as currently only Meraki auth, radius or AD are available. I want to avoid 3rd parties for radius services etc. I just want the same wifi auth in the client VPN setup.    Any ideas? Or am I asking too much from a €5k firewall? 😉 ... View more

Re: MG21e disconnecting a lot

by Ahoste in Security / SD-WAN
‎05-17-2021 03:49 AM
‎05-17-2021 03:49 AM
Currently running it in Beta:  MG 1.10,  I was hoping it would solve it but it didn't. ... View more

Re: MG21e disconnecting a lot

by Ahoste in Security / SD-WAN
‎05-17-2021 01:54 AM
‎05-17-2021 01:54 AM
Hi,   Yes, they first told me to check with the carrier, which I did. (no blocks) Then next step was call them when an issue is ongoing.  The problem is that this is in another country, and also that the Network cabinet is not easy reachable, it's put 3m off the ground.  Power cycling the MG re-establishes the connection. But again, not easy reachable so they just powercycle all devices that are on the main switch to the patchcabinet (modem, MX, switch,...) so not the best solution.   Just not really what we expected and want from a crazy expensive 'backup system'. Our 60 euro Huawei dongles work better than this 600 euro + license MG. ... View more

MG21e disconnecting a lot

by Ahoste in Security / SD-WAN
‎05-14-2021 04:57 AM
‎05-14-2021 04:57 AM
We are using an MG21e and MX67 in a combined network.   Lan2 port on the MX is configured as a secondary WAN (Standby) and goes to a POE injector first before going into port 1 of the MG.   Over the last 3 months we've had the MG go offline 14 times and counting. (only started counting after we setup webhooks) Meraki support told me that it might be some blocked ports, but after checking with the provider they confirmed that there are no blocks or restrictions of any kind. When it's connected to the network it also seems to have a pretty good connection 66,3Mbps.   The really weird thing is that the connection loss seems to happen right around the same time. Same for it coming back online, happens around same time of day.   Anybody has any idea or other steps to take? Meraki support told me to call when I'm on site but problem is that this is in a retail location in some distant country that I not need to visit very often.   ... View more

Re: In Meraki Z1 & Z3 which LAN port works as secondary WAN port

by Ahoste in Security / SD-WAN
‎10-22-2020 07:12 AM
‎10-22-2020 07:12 AM
Hi,   I started a case with Cisco Meraki about this disappearance. I asked them if this feature was omitted with a firmware. The support agent told me: " No, not that I can tell. The feature is completely stripped away"   Cisco, Never fails to amaz... disappoint you! ... View more

Re: Testing People Traffic Counts

by Ahoste in Smart Cameras
‎10-21-2020 03:36 AM
‎10-21-2020 03:36 AM
Hi,   I'm currently trying to replace our traditional 'above the door' counters with the MV12 or MV32. I'm trying to setup the API calls to populate our dataserver with the count.    I just want to receive the door count but I only see the MV sense API calls, so does one need the MV sense license just to be able to get this simple statistic or is there another API call I can make to get this data?   Thanks already! cheers ... View more

Re: In Meraki Z1 & Z3 which LAN port works as secondary WAN port

by Ahoste in Security / SD-WAN
‎10-14-2020 12:28 PM
‎10-14-2020 12:28 PM
Hi,   Current version of the Z3:  MX 15.36   Very disappointing.  We were thinking of using the MG as a backup on port 2 on +60 sites, guess that won't be happening anytime soon.    Our Z3's finally stopped randomly breaking down, now this...  ... View more

Re: In Meraki Z1 & Z3 which LAN port works as secondary WAN port

by Ahoste in Security / SD-WAN
‎10-14-2020 04:55 AM
3 Kudos
‎10-14-2020 04:55 AM
3 Kudos
Hi, I am trying to accomplish this right now with a Z3. However on the local status page I can't seem to find the option anymore. We're trying to expand our Z3's with an MG as well on a second WAN port. I vaguely remember that I was able to toggle this a couple of months ago on a Z3 but when I tried to do it today, pooof gone.   Did they suddenly decide that this option was too good for their Z3's? Forcing to go with an MX68 or something alike? They also made a note in their documentation of the Z3, explicitly stating that no second port can be toggled for a WAN port. Which also suggests that is was something that used to be possible.   Cheers. ... View more

Re: 2 WAN load balancing client VPN

by Ahoste in Security / SD-WAN
‎10-08-2020 07:48 AM
‎10-08-2020 07:48 AM
Hi, yep it is. and no flows   ... View more

Re: 2 WAN load balancing client VPN

by Ahoste in Security / SD-WAN
‎10-08-2020 06:57 AM
‎10-08-2020 06:57 AM
Hi    Thanks for the info.   However when I connect over VPN using the hostname and then check my public IP it shows the WAN 2 public IP. Wan 1 is working just fine so there would be no reason to failover.   Cheers ... View more

2 WAN load balancing client VPN

by Ahoste in Security / SD-WAN
‎10-08-2020 06:09 AM
‎10-08-2020 06:09 AM
Hi,   We have an MX250 with 2 WAN connections and the load balancing setting enabled.   WAN 1 is a fiber with a lot less latency (1ms) and 200 down & 200 up. WAN 2 is an COAX with higher latency (10ms) and 650 down but only 50 up.   So when clients connect over the client VPN do I want them to connect by using WAN 1 static ip or do i give them the serveraddress assigned by Meraki and let Meraki do the loadbalancing? will it take the latency into account?   Any insight is much appreciated.   cheers     ... View more

Re: MR42 Authentication failures

by Ahoste in Wireless LAN
‎09-30-2020 12:55 AM
‎09-30-2020 12:55 AM
hi @abdunin    I still see the authentication error in wireless health, but like someone said above, this is in the release notes that successful ones might show up as failed ones. even in the new firmware.   however on 1 site where they were having lots of issues they told me that it's been more stable lately. I haven't noticed any drawback from the latest firmware upgrade either so it might be worth it to push and try the update.   Cheers ... View more

Re: MR42 Authentication failures

by Ahoste in Wireless LAN
‎09-24-2020 02:08 PM
2 Kudos
‎09-24-2020 02:08 PM
2 Kudos
We upgraded our MR42's to 27.5. so now we're waiting patiently for tickets to (not) come in.  ... View more

Unresponsive Z3's, now reaching 50% failure rate

by Ahoste in Security / SD-WAN
‎09-18-2020 07:47 AM
1 Kudo
‎09-18-2020 07:47 AM
1 Kudo
Hi   We have about +-66 Z3's that we use for retail sites. They're being used together with MR42's or MR33's. +- 20 devices on a network.   For the past months (almost as soon as we started rolling them out over a year ago) we started to have problems with them.  They would go completely offline and stop 'responding' on all utp ports of the device. No green lights above the ports, no DHCP, no local status page, resetting didn't work.   I went through plenty of troubleshooting with Meraki Support to no avail. Cisco sending a new device with RMA is the only way to 'resolve' this.   So this week we reached 50% of failing Z3's quite frustrating and  disappointing. Our account manager let us know that in the firmware 15.36 this issue should be resolved. This is still beta so not very keen on upgrading just yet.   However i was wondering if other people are experience a similar problem? cheers ... View more

Re: MR42 Authentication failures

by Ahoste in Wireless LAN
‎09-17-2020 03:00 AM
‎09-17-2020 03:00 AM
Hi George, I was having the same issue lately. using MR42's as well on firmware  MR 26.8.1 Password didn't change or anything, we also push the password via our management system (Jamf Pro) and we haven't changed anything there either. so this problem came out of nowhere (so it seems). we have it across all our +60 sites.   are you still experiencing this?   ... View more

Re: Single time splash page with Google authentication

by Ahoste in Wireless LAN
‎08-25-2020 02:29 AM
‎08-25-2020 02:29 AM
Hi Densy,   thanks for the reply.   so I just did a test with a 30 minute splash frequency. so the user would have to login every 30 minutes with his google account.  So i tried this on my device, once i'm signed in and authenticated i'm assigning the user a group policy that bypasses the splash page. That way i try to maintain security because they still have to login before they can use the wifi but once signed in i assign them that bypass policy so they wil never have to sign in again.   it looks like this now:   so after the 30 minutes it says not authorized but i can still see the user that originally signed in. which is what my goal was in the first place, so all good there.  But now my million dollar question is: How long will Meraki remember the user that originally signed in via the splash page? ... View more

Re: Single time splash page with Google authentication

by Ahoste in Wireless LAN
‎08-24-2020 12:19 AM
‎08-24-2020 12:19 AM
Hi, Thanks for the reply. I figured that meraki would remember that it applied that grouppolicy until i manually forget the client but will it also remember the user that authenticated once in the beginning even after those 90+ days?   cheers ... View more

Re: Feature Request: Apply group policies to Client VPN

by Ahoste in Security / SD-WAN
‎08-20-2020 10:09 AM
‎08-20-2020 10:09 AM
Hi, is there still no solution to this? we use meraki authentication for VPN access and there still seems no pre-applied policy available. in the client list however the already connected clients are visible. Like you suggested I applied a policy to that user once logged in. but the grouppolicy is not overriding the layer 3 policies on the client vpn page. Did this ever work on your network? cheers ... View more

Re: 2FA broke google authentication for mobile users

by Ahoste in Wireless LAN
‎08-20-2020 01:57 AM
1 Kudo
‎08-20-2020 01:57 AM
1 Kudo
short update, the assigning a policy pré-splash page like a did here doesn't work either. it worked a couple of times where the splashpage just said successful and u would click done and you'd be connected. those times must've been flukes because now on my iphone it still shows the splashpage and asks me to log in.  shame ... View more

2FA broke google authentication for mobile users

by Ahoste in Wireless LAN
‎08-19-2020 08:56 AM
1 Kudo
‎08-19-2020 08:56 AM
1 Kudo
Hi all,   We are using Google authentication via splash page for our staff in our HQ.  this was all working (relatively) fine until we forced 2FA for all our users out for security reason.   now this is still fine for them to authenticate on laptops/macbooks but when they want to authenticate on an iphone that is also their 2FA device it will ask them to go to google mail app or text app to allow the login attempt. once they go to another app it stops the authentication process on the phone and you have to start from scratch, sending you in loops unless you try to connect without authenticating and then do the process in safari on the iphone which will not stop the authentication process when going to another app to allow the login. but obviously that is not something we can ask our staff to do.   I blame Apple for this.   anyhow i found a workaround that applies a policy based: The 'mobile device' policy then bypasses the splash page. and assigns the device to our guest VLAN so they have less access to the network since they don't have to authenticate.   Does anybody have another 2FA workaround or are there any flaws to this workaround?   thanks in advance, cheers ... View more

Single time splash page with Google authentication

by Ahoste in Wireless LAN
‎08-19-2020 08:10 AM
‎08-19-2020 08:10 AM
Hi all,   We have 1 SSID where users need to login with their 3rd party credentials of their Google accounts from the company. we're loving this feature since we can easily see who is on which device.  Tho the authentication method was broken on mobile devices because they can't confirm the 2FA on the same device that is trying to login on the splash page since going to gmail stops the logging in process on the splash page.  however that problem is going to be a different topic.   What i'm trying to accomplish is that our users only see the once splash page ever... not even after 90 days. I feel like i figured it out with a grouppolicy that i'm going to have to assign to each user after they have authenticated. The policy has the 'bypass' splash page enabled.    I was wondering if this is a good/safe workaround and also how long will Cisco Meraki remember the user that originally authenticated? will it be the duration of the splash page frequency (3 months) or will it remember it until we forget the client?   Below you can see what it looks like when a client authenticated and then when I apply the grouppolicy after.   any thoughts are much appreciated     ... View more
Kudos from
User Count
Stephan_W
Stephan_W
1
Foxder
Foxder
2
inputoutput
inputoutput
1
cmr
Kind of a big deal cmr
3
abdunin
abdunin
1
View All
Kudos given to
User Count
PhilipDAth
Kind of a big deal PhilipDAth
1
Hoffmaster1224
Hoffmaster1224
1
Troyee
Troyee
1
Aamir1
Aamir1
1
MerakiDave
Meraki Employee MerakiDave
1
View All
My Top Kudoed Posts
Subject Kudos Views

Re: It’s that time of year again 🧹🧼🧽— share your spring cleaning picture...

Community Announcements
5 8729

Re: In Meraki Z1 & Z3 which LAN port works as secondary WAN port

Security / SD-WAN
3 8789

Re: MR42 Authentication failures

Wireless LAN
2 13598

Unresponsive Z3's, now reaching 50% failure rate

Security / SD-WAN
1 1128

Re: 2FA broke google authentication for mobile users

Wireless LAN
1 729
View All
Powered by Khoros
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Privacy Settings
  • Terms of Use
© 2023 Meraki