Meraki

jimmyt234

Nice, good find! Now we just need an in-built alert for when these system resources go over a certain threshold...

jimmyt234

Congrats everyone! 🎉

jimmyt234

Thanks @sungod I found this early access group last night and was granted entry this morning. I have emailed the direct feedback address and will see where that gets me. 🙂

jimmyt234

Yes - we have seen lots of MX75 devices plagued by 'panic reboots' which can have several underlying causes according to support. Get it RMA'd.

jimmyt234

I have always found the packet capture a bit flakey, sometimes just not showing any packets at all and then you refresh/come back 5 minutes later and it works!

jimmyt234

I am 😊

jimmyt234

APIs for Local and Split DNS Service This feature allows administrators to determine which DNS requests are answered by which DNS servers. I have raised a Meraki support ticket, but wanted to reach out to the community anyway to see if anyone had used this API / new feature yet. The first issue I had is when trying to add multiple nameserver addresses, it threw an error saying: "More than one address is in addresses" import requests url = "https://api.meraki.com/api/v1/organizations/ORG_ID/appliance/dns/split/profiles" payload = '''{ "name": "8x8 DNS Profile", "hostnames": [ "*.8x8.com", "*.packet8.net" ], "nameservers": { "addresses": [ "8.28.0.9", "192.84.18.11" ] } }''' headers = { "Authorization": "Bearer API_TOKEN", "Content-Type": "application/json", "Accept": "application/json" } response = requests.request('POST', url, headers=headers, data = payload) print(response.text.encode('utf8')) When I added a profile with only one nameserver I was not convinced it was actually redirecting traffic to the specified nameserver, because a packet capture on the Internet port showed the DNS query going to the clients DNS server, which is set to Proxy to upstream DNS rather than the one added in the DNS profile via the API...

jimmyt234

Can you post in a code block please, makes it easier to read. Also have you tried the Meraki Python library? Might be easier, if you are able to install and use it.

jimmyt234

You need to raise a support ticket and ask them to set Forceauthn to False. Solved: AnyConnect SSO to Entra (Azure AD) - The Meraki Community

jimmyt234

We have noticed something similar across a dozen or so MX67 devices - CPU will remain constantly > 80% even during low/no traffic periods (ie. overnight). Running a mixture of 18.211.2/3/4 Meraki support have said: "Following an investigation of backend logs, we have confirmed that the MXs are being affected by an unexpected behaviour which causes the device to run at 100% CPU usage when one of the LAN ports is converted to WAN2, IDP/IDS is enabled, and a WAN change is made. The behaviour was already raised to our development team who are actively investigating and looking to produce a fix as soon as possible. Unfortunately, there is no ETA for when the fix is going to become available, at this moment in time. The workaround to reduce the CPU usage is to either restart the MX or disable IDP/IPS for around 5 minutes and re-enable it." We are in the process of scheduling reboots for these devices to see if it fixes it.

jimmyt234

Try turning off the mac randomisation feature on the Apple device and see if that allows your static IP to stay fixed.

jimmyt234

Perfectly acceptable design as others have mentioned. One thing to bear in mind is the number of tunnels a particular MX model can handle, as if you're running full AutoVPN mesh over 2 WANs then you will be scaling to a lot of tunnels. MX Sizing Guide & Principles - Cisco Meraki Documentation

jimmyt234

Primary and Secondary IPsec VPN Tunnels @Hannah-C There are multiple instances on this article where it says a feature or setting will be available "once version 19 hits GA": Health check status is currently logged in the event log. An event type category is not yet available for health check logs, a category will be available before 19.x goes GA. Tunnel monitoring probes are sourced from 192.0.2.3/32 by default for both primary and secondary tunnels. The Probe IP cannot be configured via Dashboard at this time. The ability to customize your probe IP via Dashboard will be available when the 19.x firmware becomes GA. When does Meraki consider v19 GA, I would have thought it being in the Stable release candidate channel as GA, because it is no longer beta? Unless the wording should be changed to read "When 19.x firmware is promoted to the Stable channel"..

jimmyt234

Can you clarify what you mean by: "the SD-WAN metrics to the new vMX in Azure are not showing up in the dashboard" ?

jimmyt234

Looks like this is also in the MX 18.211.4 changelog

jimmyt234

Yes - if for whatever reason it doesn't work then you can ring Meraki support for help.

jimmyt234

Read the link I posted - you can move some of the licenses between the Orgs. EG. 20 out of your 50.

jimmyt234

You should be able to self-service license transfer between Orgs. How to do a License Transfer in Cotermination - Cisco Meraki Documentation

jimmyt234

If you have an existing org you want to split into two, read this: Organization Split Overview and FAQ - Cisco Meraki Documentation

jimmyt234

Are they all standalone appliance networks? Configuration sync does not work for the combined network type (eg. you have switches / APs / other Meraki devices in the same network).

jimmyt234

Perhaps you have an indentation error as your code works for me, only thing I changed was the curly braces {} to square ones [] when you are doing the writer.writerow within the devices for loop. import csv import meraki import requests # Replace with your Meraki API Key API_KEY = 'dontlookatmykey' # Replace with your organization ID ORG_ID = 'xxxx' # Initialize the Meraki dashboard API client dashboard = meraki.DashboardAPI(API_KEY, output_log=False, suppress_logging=True) # Fetch a list of all networks in the organization networks = dashboard.organizations.getOrganizationNetworks(ORG_ID) # Prepare CSV output with open('merakiNetworksAndSwitches.csv', mode='w', newline='') as file: writer = csv.writer(file) writer.writerow(['NetworkID','NetworkName', 'DeviceName', 'Serial', 'Model', 'MAC','IP']) # Iterate through networks for network in networks: NetworkID = network['id'] NetworkName = network['name'] # Get devices in each network devices = dashboard.networks.getNetworkDevices(NetworkID) for device in devices: DeviceName = device.get('name', 'N/A') Serial = device.get('serial') Model = device.get('model', 'N/A') MAC = device.get('mac', 'N/A') IP = device.get("lanIp", 'N/A') writer.writerow([ NetworkID, NetworkName, DeviceName, Serial, Model, MAC, IP ]) print(f"Network And Switches Data Saved To merakiNetworksAndSwitches.csv")

jimmyt234 · ‎Nov 1 2024

Security and SD-WAN (MX,Z) Features Directory - Cisco Meraki Documentation API for Local/Split DNS Service* Gives administrators the power to control which DNS requests are answered by which servers. Sounds like it may be just that! Lacking any other documentation at this time. They have also updated that entry to be 'API for..', it used to just say 'Local/Split DNS Service' so sounds like it will only be configurable in the API and not the GUI??

jimmyt234 · ‎Oct 22 2024

This mirrors the update I received this morning: Apologies for the inconvenience and the time it is taking to resolve this. Our development team is actively working on this issue. I will share any updates via the case as soon as they become available.

jimmyt234 · ‎Oct 21 2024

Security and SD-WAN (MX,Z) Features Directory - Cisco Meraki Documentation There is also now public documentation on the new features in the beta release, this info was lacking until recently.

jimmyt234 · ‎Oct 15 2024

Switches and APs: Yes (Device Uptime - Cisco Meraki Documentation) Firewalls: No

About jimmyt234

jimmyt234

Community Record

Badges