Ya... Its showing three versions for me.     ... View more

Current stable version is 15.44 - Released May 26, 2022. As most of the Meraki devices are running on this version, this is showing as stable version.    Stable firmware version is decided by firmware version that is running in most  % of Meraki devices (based on millions of devices).If the number of meraki devices are running the firmware version 16.16 or 17.xx is higher , then these will be notified as stable version.   Every time updated firmware versions are notified to Meraki organization from backend, we can check the release notes and decides if we want to have that improvement or not. If we don't want it, we can certainly reject it and we will be never prompted for that firmware upgrade. When next firmware release is done, we may or may not get the prompt for firmware upgrade and we can cancel it if required.     ... View more

You can create a policy object with all the source subnets that has to be blocked and update it in the source section of this firewall rules. That will look nice and clean.    It looks good to me. ... View more

We can uplink statics tracking on SD-WAN traffic shaping.   > Add the WAN IP address of remote peers just to make sure that there is no ISP connectivity issue. > Appliance status -> Uplink section will help us to see if there is any packet loss and latency.   We usually see these disconnections because of ISP circuits. ... View more

Add googleadservices.com in the allowed URL, it should work.     Its showing me that googleadservices doesn't belong to any category. Also I have checked in bright cloud, its showing me the same. Its in parked domains.       If its again blocked, then we have to check IPS/IDS or other security events. ... View more

Go through this online course , this will be definitely helpful.   Online CMNA - Cisco Meraki Network Associate training module.   https://learning.meraki.net/#/curricula/4d66abb3-e850-49a9-afdf-3493921c2a07 ... View more

Does this subnet on both sites going active / active on this case or Active on Site A and Passive on Site B. Just want to understand one more step.     ... View more

If the network is a combined network, then we cant have device level permissions like you mentioned. Nice requirement though.   May be you can submit a feedback to Meraki team about this by click on Give Feedback button on Meraki support page. ... View more

May be use the Meraki group policy in this case to block the vlan to vlan communication.   1. Create a group policy . Network wide - > Group policy. Mention the vlans that has to be allowed or blocked. You can also configure custom policies settings like IPS/IDS , AMP, Content filtering, L7 firewalls for this vlan using this group policy option.           2. Add the group policy to your Vlan to restrict the traffic.     This will block the inter vlan communication as desired.   ... View more

We can configure Org read-only or network level read-only permission for this request.   If you want to configure organization level read access use the option 1 and Network level readonly permission use the option 2.    If you have a SAML configuration then the same readonly permission for SAML group will solve the request. ... View more

We don't the option in Meraki Dashboard. May be Meraki support can give you the uptime of the devices. ... View more

Where can I see the flow logs in the Meraki Dashboard. I don't recall this seeing in Dashboard.  ... View more

Thanks for sharing this.   We were working on doing a POC to build and test automatic failover of vMX in Azure. We took help from both Meraki and Azure support to get this automated but we were not able to do it due to lack of much documentation.    We will modify your script and give a try.     ... View more

We would like to have more visibility towards Non-Meraki VPN and Phase 2- SA connections. Packet captures on Non Meraki VPN interface is also a option we prefer.  Also we would like to know the device uptime section since last reboot as standard. We would love to have PBR on the cisco meraki switches and increase the event logs per page entries from 30 to 50/100 for better troubleshooting.   ... View more

Communication between two Non-Meraki VPN Peers cannot be achieved through Meraki VPN. Because you cant send the Non-Meraki VPN Peer A subnet to Non-Meraki VPN Peer B subnet from Meraki devices as a  local subnet.    You have to configure a direct VPN tunnel between two Non-Meraki VPN Peers to establish their communication. ... View more

Its a limitation of using IKEv1.  IKEv1 allows only one SA at a tunnel, secondary SA will not be formed until the primary is deleted. Use IKEv2 to fix the issue. It allows multiple SA at a tunnel and the traffic flows seamlessly.   Another Temporary workaround is it use higher prefix on the Meraki.  Instead of allowing various 10.20 segment , configure one static route with 10.20.0.0/16 and enable it on VPN.   ... View more

IKEv1 supports communication between only two CIDR in a tunnel. Example : 10.1.10.0/24 can communicate to 10.2.10.0/24 but if other subnets wants to establish a tunnel with same peer subnet then the traffic gets dropped as IKEv1 doesn't support multiple CIDR communication. ... View more

Guys,   Any fix for this.   Regards, Pavithran C ... View more