Register or Sign in
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- About ScottG67
ScottG67
Here to help
Member since Sep 23, 2020
01-12-2023
Community Record
9
Posts
0
Kudos
0
Solutions
Badges
01-06-2023
09:34 AM
I was wondering if that was the case. I will log in with an admin account and not SAML and give it a try. Thanks for the info.
... View more
01-06-2023
07:08 AM
Hello All, I want to start using the API to get some data from my Meraki environments. I found this support page: https://developer.cisco.com/meraki/api-latest/#!authorization/obtaining-your-meraki-api-key That shows how to enable and generate the API key. I was able to enable the API key as the document above states and save the settings. When I go to my profile there is nothing to generate an API key. There is nothing like what is available in the article. I went back to the settings to confirm that the box was still selected to enable API access and it was. So I am not at a loss here on how to obtain the key. Is this something that support needs to enable like some of the other Meraki features? Thanks, Scott
... View more
11-30-2022
08:54 AM
I have solved this. The documentation provided here https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance/Authentication specifies that a .pem or .cer cert needs to be applied to the concentrator and a child cert needs to be applied to the endpoint. In the above document it has an image of a windows cert store with a cert highlighted, the issue here is that cert needs to have the private key with it. In the image you can see it is not there are only the cert is imported. Once I imported the cert and private key, thankfully I didn't need to me the private key exportable, I had a successful configuration.
... View more
11-15-2022
07:20 AM
I have opened a case and the technician I was talking to says everything I have done looks correct. They are going to try and reproduce the issue in a lab. Once I know the outcome I will post back for future cases.
... View more
11-14-2022
08:45 AM
Hello, I have followed this documentation when I configured the Meraki with the certificate required. When I upload the certificate I see the following on the console. After I save the changes and refresh the page I see the following: Is this last image saying that we do not have a certificate for this configuration now or that it has been uploaded and we do? Thanks, Scott
... View more
11-10-2022
12:57 PM
Hello All, I have an MX250 with firmware version 16.16.4 and a client of 4.10.05085. I have configured AnyConnect with SAML MFA. In this configuration I have a working AnyConnect setup. I now want to add Certificate Authentication. I have created a self signed CA certificate and added it to the Meraki MX device. I have then created a certificate issues by the CA I uploaded. I have added this new certificate to the Computer->personal certificate store. I have also added the CA certificate to the Computer -> Trusted Root Certification Authorities store. I now have a Certificate that is trusted and working on my machine; however, when I try to start a VPN connection I keep getting the error "No valid Certificates available for authentication." I have disabled "Enable automatic certificate selection" so I make sure it is using the right cert; however, still no success. What am I missing here? Thanks, Scott
... View more
11-25-2020
07:23 AM
Thanks Bruce for the explanation this makes sense for sure.
... View more
11-24-2020
01:48 PM
Hello All, I have deployed a MX100 with a mix of mx67 and Z3 devices as well as a number of Windows 10 client vpn machines. From the MX100 documentation it says the Recommended maximum concurrent client VPN tunnels is 250 and Recommended client devices is 500. I am thinking this means my MX67 and z3 count against the 250 recommended number and my windows 10 devices count against the 500 devices? I am planning on upgrading to MX250 but I am trying to find out how fast I need to upgrade. https://meraki.cisco.com/product-collateral/mx-sizing-guide/?file If anyone can clear up the muddy waters that would be create. Thanks, Scott
... View more
09-23-2020
02:47 PM
Hello All, I have a Meraxi MX100 configured with Windows 10 native VPN clients working currently. If a user connects to the vpn during login I don't have any issues; however, if I have a network issue with the client say they go in an elevator and their network drops or their network at home or the coffee shop drops the VPN will disconnect. During re-connection I am seeing the following events in the Meraki log: Sep 23 15:25:35 00:00:00:00:00:00 Non-Meraki / Client VPN negotiation msg: ISAKMP-SA deleted xxx.xxx.xxx.xxx[4500]-xxx.xxx.xxx.xxx[4500] spi:d518d7fe836cb242:3d099c31f983f494 Sep 23 15:25:35 00:00:00:00:00:00 Non-Meraki / Client VPN negotiation msg: ISAKMP-SA expired xxx.xxx.xxx.xxx[4500]-xxx.xxx.xxx.xxx[4500] spi:d518d7fe836cb242:3d099c31f983f494 I am also getting an error on the windows side saying that either my credentials are wrong or the protocol is not permitted. If the user logs off the machine and logs back in the VPN will work again; however, it would be far better if we could just reconnect to the VPN. So the first question I have is regarding the log entry above. Is this log saying that the session has expired and then the session was deleted? Secondly, if this is the case can I set the session timeout to a longer duration? Thanks, Scott
... View more
