I am not sure about that one... The best answer I have (at least right now) is to track down which IPs your office is using for Office 365 and add those and then submit a make a wish to be able to add the FQDN.  ... View more

It's an add on for Advanced Security.   https://meraki.cisco.com/blog/2017/06/introducing-threat-grid-for-meraki-mx/   ... View more

This isn't what you are looking for, but what if you had it apply a group policy to move them to another "guest" VLAN that has internet access, but not access to company resources? That would at least allow legitimate users to do basic work, like email, log into SaaS applications, etc. ... View more

As far as the API goes you can retrieve the clients connected to a device, which returns the MAC, you can then use those MACs to return the group policy. So if you are good with the API (it sounds like you are) you can have that all in one script.   I'm not sure of good way to send notifications to you though.     ... View more

If you go to "Wireless > Configure > Radio settings > RF Profiles" you can either edit or create a profile and either set the radio power, or set it to auto and let it automatically adjust based on neighboring APs. ... View more

Here is Meraki's documentation or setting up SAML. https://documentation.meraki.com/zGeneral_Administration/Managing_Dashboard_Access/Configuring_SAML_Single_Sign-on_for_Dashboard ... View more

Likely yes. It would be integrating with another system which would almost certainly have emails tied to them. ... View more

Are "Auto channel" and "Client balancing" enabled? Also @dlowery mentioned how does the channel utilization in the area look?  ... View more

I agree with @NolanHerring. Also have you reviewed the VPN status page under "Security appliance > Monitor > VPN status"? I would be curious to how the usage graph on that page may compare to your observations. ... View more

802.11r can cause issues for some android devices. I would suggest turning it off to see if it helps. ... View more

Those are network specific settings so it makes sense that when you move them it would inherit the new network settings (which is likely default). Are these settings the same (or mostly the same) across all the sites? You can build a switch template and bind the networks to the template. That would allow you keep those settings. If you do have some one off settings you can over ride portions of the switch template. ie change LAN 1 from VLAN 1 trunked to default of VLAN 2 as an access port.   Also why don't you bind the switch to the destination network from the beginning? ... View more

No, you can't use the wireless radio for the device uplink. ... View more

I feel ya. Past experience with Meraki's beta firmware has been pretty good so hopefully you don't have any issues with testing out this beta. ... View more

It may be worth trying the MX 14.34 beta firmware on one of your sites and see if that helps with the AMP issues. I know a lot has been done to address AMP in the 14.x firmware revisions, specifically around the whitelisting issues for AMP. ... View more

I don't think there is away to disable content filtering for Site-to-site VPN traffic, you would need to make content filtering tweaks for all traffic.   For the shop floor instead of using content filtering to block all URL patterns I would recommend using the Layer 3 firewall settings to deny any traffic, and then have L3 firewall rules to allow traffic to either internal subnets, or specific IPs/FQDNs. I do something similar on a bunch of networks I manage and it works quite well.   As for your AMP issues, Meraki has mad a lot of improvements in the more recent firmware releases. What firmware version are you running on your MX appliances? ... View more

@BlakeRichardson @Julian96   (Sorry Blake, i posted this then saw that you did clarify for another brand of AP. I haven't had my Mtn Dew yet today 😉)    It is possible. If you have one AP wired to the network it can act as a gateway for repeater APs within range. I just set this up with some test hardware. I had one MR set up and wired to the network and then up a second one wired as well to download the config and update firmware (it was in storage for a bit). Then I removed the LAN cable and just had it running off the power cord. After a few minutes it found the other AP wired to the network and formed a mesh with it and is repeating the wireless signal.     ... View more

I don't see how Meraki would be able to limit users from logging into O365 if Systems Manager is not installed on a device. It would need to be a feature within O365 to force a certain type of authentication, ie Meraki. ... View more

@NolanHerring   That's right, in the Meraki documentation for that it specifies uplink. https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/Using_Packet_Prioritization_on_a_Traffic_Shaping_Rule   And yeah, you would need to specify that bandwidth limit for the download. ... View more

Is the other AP a Meraki AP? If it is here is a good article to explain how that all works.   https://documentation.meraki.com/MR/Deployment_Guides/Mesh_Deployment_Guide_(CVD) ... View more

Ok. The way the "High, Normal, and Low" traffic shaping settings work is by giving a fraction of the flows to a specific application.  High: 4/7 flows Normal: 2/7 flows Low: 1/7 flows I'm not sure how much traffic is on your network, so is it possible the proportion of OneDrive traffic was considerably higher than other traffic?   Also I wonder if the OneDrive app initiates multiple flows of traffic when syncing. So in theory it 4 simultaneous traffic flows vs a single traffic flow that the browser might do. So when traffic shaping rules see that traffic it ends up giving the OneDrive app four times as much network flow. ... View more

I would say get a packet capture of the One Drive app uploading and adding the IP(s) that is it communicating with. I wonder if the app is not getting categorized the same way as the browser upload.   Also what is the menu path you went through to get "Sharepoint"? I am able to specifically select OneDrive.     ... View more