Meraki

Maggs · ‎Dec 2 2020

Sorry I missed this! No, nothing showed in the event log. We tried disabling AMP and IPS with no change. Later Meraki support told us the ip we identified was marked by their Geo-ID provider as being in a country we block via MX. We confirmed by removing the block for that country and seeing functionality resume. Other Geo providers show the ip in the US and we all thought it was an error. This particular provider took a week to revert the change and today we have functionality again, even with the country block. Thanks for the help!

Maggs · ‎Nov 25 2020

Thanks MerakiDave. We opened a support case yesterday. I had an update drafted and never hit Post, sorry. In case this helps anyone else: Meraki tech support helped us out. Apparently the geo-IP service Meraki uses has this IP mapped to a country which we have blocked. Other geo-IP services show the IP in the US. The mapping to the blocked country may be a mistake, and Meraki and we are requesting a correction. Based on experience, the geo-IP service may take up to a week to remediate. We confirmed removing the country block restores functionality. Cheers-

Maggs · ‎Nov 24 2020

Starting today Nintex forms on Office365 will not load when the client is behind an MX. We see this effect in multiple offices spread out across the USA using different ISPs. Forms load normally when a client bypasses the MX and connects directly to the ISP. DNS resolution does not seem to be an issue. No blocking events are logged. Temporarily disabling threat protection does not have an effect. No recent firmware updates. A packet capture on an MX shows reset packets instead of syn-ack's from the remote Nintex ip. Any ideas or other people seeing the same issue?

Maggs · ‎Jul 11 2020

A couple other suggestions I've heard since posting are to use a PaaS service with its own protection features, or Azure Automation Accounts.

Maggs · ‎Jul 7 2020

Thanks PhilipDAth!

Maggs · ‎Jul 7 2020

Thanks sungod! All good ideas. This gives me food for thought. We have the dashboard admins pretty locked down and we're starting with read-only API access. I'll do some searching but if you have any further advice on encrypting and decrypting keys on the fly, I'm all ears. Much appreciated.

Maggs · ‎Jul 7 2020

Windows

Maggs · ‎Jul 7 2020

Hi all. I'm a sysadmin just starting out with scripting. I'm loving learning so far and have a pretty basic question. If we want to have a script run in a scheduled way, what can we do to protect the API key? For day to day work, I understand we should pass the key as a variable and not include it in shared source code. I also see PhilipDAth's excellent proposal to help protect keys. https://community.meraki.com/t5/Developers-APIs/A-newer-safer-way-to-access-the-dashboard-API/m-p/69602 For a scheduled script, It seems we need to pick a relatively secure place to put the key, lock it down as much as we can, and that's about it. I'd appreciate advice from those with more experience. By the way we're using Python. Thanks!

Meraki

Community

About Maggs

Maggs

Community Record

Badges

Re: Nintex forms on O365 not loading

Re: Nintex forms on O365 not loading

Nintex forms on O365 not loading

Re: How to protect API keys? (Newbie)

Re: How to protect API keys? (Newbie)

Re: How to protect API keys? (Newbie)

Re: How to protect API keys? (Newbie)

How to protect API keys? (Newbie)

Re: Nintex forms on O365 not loading