That is precisely what I was missing! Thank you! ... View more

@DarrenOC wrote:   Depending on how big your network is you can either manually audit the existing Config and document. Or, use API to pull the Config off and spit back into the dashboard when devices are moved over. Yea, this is probably what we're going to have to do. ... View more

My understanding is that the NBAR categories only function in the "Normal" setting. Group Policy objects do not use the NBAR filtering at this point. The Meraki tech I was talking with didn't know if or when that functionality would arrive.   It would be nice though. We generally use group policy to open or close services and having more granularity would be nice to have there. ... View more

What about smart devices that only connect at 2.4Ghz?  I have a fan that only will connect to a 2.4. I have not been able to connect to my new Z3 AP as the device probably see the 2 bands and gets confused.  Any solutions to this issue?  ... View more

Disclaimer...this is "to the best of my understanding"   If you want the firewall & content filtering features of the MX60W in front of your wifi, then I'd plug the WAN port of the MX60W into the LAN of your network. So long as the MX60W unit can get to the internet, you'll be able to configure the wireless settings of the MX60W unit.   A possibly better solution would be to simply use the MR access points which have firewall, traffic shaping, access control and more functions built-in. They also allow multiple SSID's on multiple vlans so you can allow some users onto the "business" and others into a "guest." Unless you really need a specific feature of the MX-line to apply only to your wireless units, then the MR is a better bet. The MR is also a much better wireless AP anyways. ... View more

So this is how it's set now. Everything on the network, regardless of group policy (normal or otherwise), and connect to remote smtp servers on port 25.   If I remove rule #5 (.75 allow access) then nothing and get to port 25. Perhaps I will have to live with this and find how to get this single server to send reports via another method. ... View more

took some time but now i have somewhat more usefull reporting 😉 tnx  Meraki !     ... View more

What about the switch level, add a group policy? ... View more

I tend to create a group policy, set the bandwidth limit there, and then apply it to the VLAN. https://documentation.meraki.com/MX/Group_Policies_and_Blacklisting/Creating_and_Applying_Group_Policies#By_VLAN   I also tend to put pre-vlan firewall rules there rather than using global firewall rules.  It makes things easier to understand when there are lots of rules when you can go and look at a policy that contains nothing but what affects the users on that vlan. ... View more

love that idea.... we always kept an excel file with the sties and the descriptions. easy to add to and copy and paste ... View more

I've looked into this myself and found this page for reference: http://technet.microsoft.com/library/hh373144.aspx   That said, I'm not sure the best way to get all of that into Meraki's firewall. ... View more

That would be great...except I don't have licensing for 3 MX84 units and no budget to purchase the hardware. ... View more

I've been wishing to do this same thing for an eternity now. We even bought a Meraki switch for our core thinking we could then have the L3 routing on that switch and the Meraki mojo would allow us to do filtering by MAC on the MX. It doesn't. I want to do the same thing that you're doing and filter the internet by VLAN, each VLAN gets different levels of access by default. I have yet to find a way without having every vlan terminate on the MX, which doesn't work so well... ... View more

I just ran a debug session, and the map graphics get pulled from: maps.googleapis.com   So I would create a entry in the localhosts file on your machine pointing this DNS name to 127.0.0.1, which should stop them loading.   I found these instructions to walk you through the process: https://support.rackspace.com/how-to/modify-your-hosts-file/ ... View more