Community Record
9
Posts
0
Kudos
0
Solutions
Badges
Aug 2 2018
8:06 AM
@GiacomoS, That did it! We had no reason to show that page. Thank you for taking the time to assist and clarify. It is very much appreciated. Thank you Sam-I-am
... View more
Jul 31 2018
5:47 AM
Hello @GiacomoS Thank you for the clarification. My bad. I should have provided more information. I Have attempted to create layer 3 firewall rules denying access to the Meraki appliance IP through port 443, 80, and even All, however, I find that this either cuts off internet access altogether or provides the splash page showing all information (Haven't found the happy medium yet 😕 ). I have added Layer 3 Firewall rules through both Group Policy for DMZ users as well as general firewall rules. Their must be a way to stop this splash screen from appearing. I am honestly surprised that this information is provided by the security appliance. Either way I will keep banging away at it. Please let me know if you have any questions. Thank you
... View more
Jul 27 2018
12:31 PM
Hello WW, Thank you for the assistance. Do you mean just a layer 3 rule in Firewall? I do not have a Wireless Firewall option. So you know I am using an MX 84.
... View more
Jul 27 2018
8:01 AM
Hello Meraki Community, I have a question that I am fairly certain has a simple answer that I am somehow missing. We currently have a domain with 2 VLANs. 1 VLAN for workstations and equipment and 1 VLAN for servers. I have setup a DMZ using a completely different IP Address and subnet to provide users with WiFi access. This Meraki port for the DMZ connection is connected to a switch that is not connected to either VLAN. The DMZ Per-Port VLAN Configuration is as follows: Type: Trunk Native VLAN: DMZ Allowed VLAN: DMZ The Workstation and Server Per-Port VLAN Configurations are: Type: Trunk Native VLAN: VLAN 1 (Client Network) Allowed VLAN: All VLANs I have tested the WiFi and found that the Meraki DHCP does indeed provide the DMZ IP Address. However, when I am connected to the DMZ and select the MX IP Address I am provided with a screen that provides information on the security appliance and the client VLAN. Is their a way to disable this within the Meraki so that a WiFi user cannot determine the security appliance or see the client VLAN? Again, I am sure the answer is right in front of me but I have yet to locate it through searching or testing. Please let me know if you require more information.
... View more
May 16 2018
1:43 PM
Hello Adam, So if I need both VLANs to access the WAN through the main fiber connection and also require rules to ensure that the phones always use the main connection instead of attempting to use the coax connection (when it is connected) then 1:Many seems like it would be the best choice. Thank you for the clarification.
... View more
May 16 2018
1:21 PM
Hello MRCUR, I am not using NAT currently and the VoIP provider did not provide any on Premise device only the VoIP phones that we purchased. I have set Traffic Shaping Rules making SIP (Voice) a High Priority object with no bandwidth limit and no DSCP Tagging. I have also added our main web page and Mail server as high priority with a limit of 39 Mbps and everything else as normal with 15 Mbps (We have 100 Mbps Fiber). With the current Traffic shaping rules we are getting 99% QoS (without the coax connection) this is why I thought it might be a NAT issue. Thank you
... View more
May 16 2018
11:42 AM
Hello All, We currently have an MX84 on our network with redundant ISPs (a 50\50 fiber and a 50\10 coax) and two VLANs. One VLAN for clients and phones (Same network for backup purposes) and the other VLAN for servers. We have a relatively new VoIP service as well and were having VoIP QoS issues. I was working with the provider to determine why the QoS was so bad and could not determine the issue. As it happened our Coax went out a few weeks ago and our QoS increased immensely. After some testing I found that the simultaneous connection of the Coax and the fiber is causing the QoS issue. After doing a good amount of research I believe that the issue might be that the firewall requires NAT to ensure that the phones have a solid connection. I was wondering if users with VoIP and and VLANs prefer 1:1 NAT or 1:Many NAT? Is their one that you find works better with VoIP? I am hoping that I do not have to make too many rules for each user. Any help would be appreciated. Thank you
... View more
Jan 24 2018
9:57 AM
Hello Andrew, Thank you for the reply and article, it was very helpful. I was afraid that lack of ability to limit users as a whole might be an issue. I do not have VoIP on it's own VLAN but will look into separating it I have made some changes based on the article you sent along with some other ones that I came across regarding Traffic shaping and packet prioritization and believe that we may have been able to find a good medium (time will tell). I will look further into pushing more lower priority traffic across Coax as well. Thank you again for the reply and the useful information.
... View more
Jan 23 2018
6:56 PM
Hello, We are new to Meraki Firewalls and are attempting to understand how to create particular bandwidth pools for clients to limit VoIP issues. We currently have 2 WANs, a 50/50 Fiber (for clients) and a 50/10 Coax (for backups). We are not load balancing and the office has 55 users. We originally attempted to allow unlimited use per user setting our SIP voice to High priority, DSCP tagging it as Real Time, and setting everything else as Normal but found that this maxed out our bandwidth causing VoIP issues. We have also attempted to add a per client limit below our bandwidth maximum but found that even allowing more bandwidth than our VoIP system requires we still had VoIP problems. We have begun using the per client limit in the MX84 and have found that this eliminates the VoIP and bandwidth issues but this also severely limits users as we cannot apply enough bandwidth per user for acceptable internet use. With our last Firewall we were able to limit users to pull from a bandwidth pool that was below our maximum bandwidth capacity to guarantee that VoIP would always have bandwidth. Does the Meraki allow for this?
... View more
