Meraki

Community

About M4TT

Z3 Access Control

by in Security & SD-WAN
‎Oct 22 2020 8:38 AM
‎Oct 22 2020 8:38 AM
Hi, has anyone used the Network Access Control on the Z3? I have used a splash page with sign on for Wireless devices before but wanted to know if this control was for both hard wired and wireless device access to the network. The scenario I am trying to achieve is that a user would have a workstation, a laptop and a VOIP phone. The workstation and phone would be hard wired into the Z3 and the laptop can either connect via wireless or cable. However if another deice either connected to the wireless or plugged into the device I would like them to be challenged or denied access. My thought was to setup Network access to setup a RADIUS login. Then whitelist the 3 known devices. My hope is that the authorised devices will just work, but anything else connecting would be challenged to authenticate. Unfortunately I don't have a Z3 to hand to test at the moment. Does anyone know if this approach will work, or if there are any better approaches to achieve this?   Thanks in advance, Matt ... View more

MX as one-armed VPN Concentrator limitations

by in Security & SD-WAN
‎Oct 5 2020 12:38 AM
‎Oct 5 2020 12:38 AM
Hi,   I was wondering if anyone has come across any limitations of using an MX as a one-armed VPN concentrator? I am looking at scenarios where we may have many remote workers (with the teleworker gateways) using AutoVPN. While this is all pretty standard if the MX is the HQ gateway and firewall I have some customers who are quite set on other third party firewalls that they have in place, in this case I believe the one-armed concentrator would be the way to go (although I guess a second gateway with the MX in NAT mode, but this may break certain security policies). Has anyone any stories of where this has shown to be problematic or to have limitations that effect the service? Even better if you've managed to over-come the issues. Any issues with certain third party firewalls with traffic being blocked, or maybe with routing issues (many devices may not support OSPF)? Sorry for the very open-ended question, but it's all very well reading the deployment guide which tells you how things 'should' work, I'm left wondering if real life is going to be so easy.   Thanks in advance ... View more

Re: The Power of the Meraki Teleworker Gateway

by in Security & SD-WAN
‎Oct 2 2020 5:17 AM
‎Oct 2 2020 5:17 AM
Quick question regarding this. I assume that once the configuration is downloaded over an ethernet internet connection it would then work in the scenario? i.e. it doesn't need to download this configuration on every reboot and would continue to work for a user with failed internet for a few days (even being rebooted) while waiting for the internet connection to be fixed.   Thanks in advance ... View more

Z3 & Z3c VPN over cellular

by in Security & SD-WAN
‎Oct 2 2020 4:51 AM
‎Oct 2 2020 4:51 AM
Hi, hopefully a quick and easy question. I just need some clarification on the VPN function on the teleworker gateway cellular failover. I understand that the Z3 (nor any MX as far as I know) will not use the cellular connection as part of an SDWAN but I just want to double check it will be able to rebuild it's autoVPN back to the office MX if the primary internet connection fails. So as an example a remote worker is working using the autoVPN to access the corporate network. Their internet broadband fails, obviously the cellular connection will kick in to provide internet connection but the question is will the autoVPN rebuild to give access to the corporate network until the primary line comes back online?   Thanks in advance. ... View more
© 2024 Cisco Systems, Inc.