Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
About DunJer622
DunJer622
Building a reputation
Member since Jan 31, 2018
Feb 6 2025
Community Record
76
Posts
9
Kudos
1
Solution
Badges
Feb 5 2019
8:56 AM
It was a matter of an incorrect default route and the requirement for LACP. As for my original question, Meraki doesn't appear to use reflexive policies, as the one that I created for testing has never had a hit, and it is our Exchange Server. Everything is now working, but some things are more transparent than others.
... View more
Jan 27 2019
12:22 PM
1 Kudo
Was an issue with ISP. I'm assuming caching. Upon router power-cycle, everything began responding.
... View more
Jan 27 2019
10:40 AM
Internet appears to be working fine. NATing appears to be an issue, though. It is odd, though. My Exchange email appears to be flowing correctly, but Nothing else relying on NAT is connecting. Researching that now.
... View more
Jan 27 2019
9:53 AM
1 Kudo
Heh. Just got your message. You got me looking at the right place. Going to do more testing now.
... View more
Jan 27 2019
9:52 AM
Found an issue... Had 0.0.0.0 point to 192.168.1.1. Changed it to 192.168.1.2.
... View more
Jan 27 2019
9:36 AM
MS250 is 192.168.1.1, MX250 is 192.168.1.2
... View more
Jan 27 2019
9:29 AM
A bit more... The MX250 uplink port (trunk) is our Meraki Management VLAN (1) as native, while the server, phone, and workstation VLANs (10, 59-60, 202) are allowed. The MS250 uplink port (trunk) is configured the same.
... View more
Jan 27 2019
9:23 AM
WAN routers - MX250 - MS250 - Client MS250 is in L3 mode
... View more
Jan 27 2019
9:10 AM
There is no DNS resolution and a tracert to 8.8.8.8 hits the switch and then fails after that. Why would the switch be blocking anything? Going to check my Interface settings, but there doesn't seem much that should come into play. Thanks, Jeremy
... View more
Jan 27 2019
8:43 AM
Greetings, I'm in round 2 of an attempt to replace old equipment with Meraki. The main issue I'm seeing now is that LAN devices are not accessing the Internet. We have Windows Servers serving as DHCP and DNS. Nothing has changed with those servers and they are accessible. Devices with static info do not connect, either. If I enable DHCP on the MX250, then that network gets Internet. I don't see anything in the event logs. Is something cached somewhere? Any ideas of where to look first? I appreciate any assistance. Thank you, Jeremy
... View more
Jan 22 2019
12:51 PM
It is possible that my testing was compromised. I'll be doing more testing this Saturday. In our environment, MaaS360 uses ActiveSync to access our Exchange environment. For this question, we have 3 impacted solutions. We have a physical secure remote access (SRA) appliance and a virtual Exchange Server environment. The Exchange environment is used for MaaS360 and OWA (Outlook Web Access). As SRA and Exchange are public facing, we use NAT to access the private IP of the devices. In my current environment, I have reflexive policies in place. This is necessary, as the static public IP of the destination is actually already on the WAN environment of the same firewall managing the Wi-Fi (which causes traffic to stop without a return policy). I generally have the Wi-Fi network completely isolated from the LAN environment. I have at times made exceptions DNS and RDP. Anyhow, I tried using the L3 Outbound rules to create a reflexive policy of the associated NAT policy. No effect. However, I was having other issues with my test environment that may have been coming into play. I'll confirm on Saturday. Oh, along that line, I need an internal device to leave with a specific public IP address. In SonicWALL, this is also addressed by NAT. Is it safe to assume that L3 outbound rules can accommodate that, too? Thanks, Jeremy
... View more
Jan 20 2019
12:19 PM
Greetings, I'm migrating our core SonicWALL hardware over to Meraki hardware and I've ran into a few issues. One of them is reflexive policies or similar. Basically, I have my MX250 with a bunch of MR33 units on the same network. Wi-Fi to the Internet is working great. However, my phones on Wi-Fi cannot access my email server (via MaaS360). With SonicWALL, I just simply created NAT and firewall rules with reflexive policies and the phones synced whether they were on the network or not. I've tried similar settings within the Meraki firewall settings, but no luck. Any ideas? Thank you, Jeremy
... View more
Dec 28 2018
4:32 PM
Greetings, Just got a couple MX250 units to replace my old hardware and see that the Internet 1/2 ports are SFP. I didn't realize that (as we have been using MX65 and Z1 units) and now need to order a few modules. That said, is there the option to use the GbE ports for WAN? I thought that'd be an quick search, but I'm not finding anything. Any info would be appreciated. Thanks, Jeremy
... View more
Feb 15 2018
7:33 AM
@Mr_IT_Guy At the time, I was working in an environment that was inside the router distributing the public IP. As I didn't have a loopback rule in place for the public IP, I was trying to use my phone to access the public IP. For whatever reason, it didn't work and I spent no more time on it, as I had local access. However, now that I'm at home, I can log into the static IP just fine and indeed get to the port config page, which is exactly what I was looking for. So, I now have everything configured correctly and the VPN is working just fine. Now on to figuring out routing on these units... 😉 Thanks for the help.
... View more
Feb 14 2018
12:41 PM
Adam, I only see "Local device status page" within Device Configuration.
... View more
Feb 14 2018
12:39 PM
DCooper, do you mean firmware? If so, I'm on MX 13.28.
... View more
Feb 14 2018
11:45 AM
I'll have to keep testing, but that is not working for me. If I put in the IP address in for either WAN port, it simply times out. Have I overlooked a setting that allows remote access to the public IP(s)?
... View more
Feb 14 2018
11:25 AM
Thanks for the response, JFM-FL. I had done local access for configuring the port 4, but I was hoping that I could make WAN 1 changes via the web interface. Having to be directly connected is going to be a very inconvenient element for my remote sites. My hope was that the Meraki cloud management was going to be more capable. Well, still figuring Meraki out, as it way different than all the other routers that I've worked with. Jeremy
... View more
Feb 14 2018
10:15 AM
I hope I'm missing something really simple, but how do you configure both the WAN 1 and WAN 2 ports to be static? In this case, I configured much of the unit via DHCP into the Internet port. I then changed port 4 to be WAN, with a static IP (with Internet port still DHCP). At that point, I connected the ISP modem to port 4 and connected Internet port to a non-DHCP ISP modem). After that, I checked the device's status and saw the WAN was that of port 4. I can't find any way to configure WAN 1 (Internet port) with the correct static IP info. If I disconnect port 4 and reconnect WAN 1 to DCHP, the unit gets back on the Internet, but it won't let me change the WAN info to static. I just get a yellow "!" and it never accepts the change. Any assistance would be greatly appreciated, as I'm on a tight timeline for testing and, hopefully, deployment. Thank you, Jeremy
... View more
Feb 7 2018
12:36 PM
Thanks for the responses. I've ordered another MX64 for Meraki-to-Meraki testing, with a parallel connection with my production network. This is all PoC. I'll then replace the "hub" MX64 with an MX100 or MX400, depending on my ultimate design and an understanding of 'connections'. I was a little disappointed that the non-Meraki interaction wasn't better, but I guess it is to be expected. I'm getting by in my testing for now, but will be glad to have the second unit. The SonicWALL is making some of the testing tough, if not impossible. Anyhow, again, thanks for the replies. Jeremy
... View more
Jan 31 2018
2:11 PM
Greetings, We're a SonicWALL shop that is looking to potentially move to Meraki. I'm new to Meraki, so I am in the process of crash-course learning. It is looking like we'll be swapping out our EOL TZ200 and TZ205 units with MX64 units. That said, I'm in the early stages of R&D and PoC. As we have an existing network, we're looking to gradually transition the implementation of the Meraki units. So, onto my questions. Can I create a VPN with the MX64 to my SonicWALL NSA E5500 (network core router)? The short answer is "yes", as I was able to use the Non-Meraki Peers section. However, I had to setup the MX64 as the hub, as it would not let me assign it as a spoke (due to no hubs being identified in the organization). Am I setting up this VPN correctly? I'm concerned about adding the next MX64, as it will see the 1st MX64 as a hub. Do I have to just keep setting up the MX64 units as hubs and then setup the non-Meraki Peer to the SonicWALL each time? I could be doing 30+ locations this year. Would it be more prudent to swap out the SonicWALL hub with an MX100 or MX400 first? This would obviously interrupt my entire network greatly and lead to a repeat effort on the VPNs. With the VPN that I have created, I don't see how to setup failover for the actual VPN, should the SonicWALL hub's primary Internet fail. With my SonicWALL endpoints, I can simply enter the primary and secondary IPs of the hub and the endpoints will automatically re-establish the VPN on the secondary IP, should the primary fail. Can I do the same with Meraki? Can I do it with an MX64 to a non-Meraki router (hub)? I appreciate any assistance that anyone can provide. I've scoured the online documentation without success. Thank you, Jeremy
... View more
My Accepted Solutions
| Subject | Views | Posted |
|---|---|---|
| 3061 | Feb 5 2019 8:56 AM |
My Top Kudoed Posts
© 2025 Cisco Systems, Inc.
