Meraki

alemabrahao · ‎Mar 6 2024

In fact, this would not be an issue, it is the expected behavior as you can see in the documentation.

alemabrahao · ‎Mar 6 2024

Even if it is released in the layer 3 rule, it may still be blocked in the layer 7 rule. The only way I see is via Group Policy but you would need to override what is configured by default in the MX. On the MX, if traffic matches an allow rule on the L3 firewall, it can still be blocked by an L7 firewall rule. On the MX, HTTP traffic (TCP port 80) to Facebook.com will be blocked by the L7 firewall, because rule 1 under layer 7 explicitly blocks it, even though the traffic was allowed through the layer 3 firewall. Layer 3 Rules Matched - Traffic allowed through L3 firewall Not processed Not processed Layer 7 Rules Matched - Traffic blocked https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Layer_3_and_7_Firewall_Processing_Order

alemabrahao · ‎Mar 6 2024

How about link negotiation?

alemabrahao · ‎Mar 6 2024

Have you tried connecting to another port on the switch? If it works, it is probably the current port that is defective, otherwise try changing the cable as already stated. In the worst case scenario, open a support case.

alemabrahao · ‎Mar 6 2024

In fact, there could be several causes, such as a problem with the network cable or the device on the other end does not support 1Gb. Try changing the network cable.

alemabrahao · ‎Mar 6 2024

And as far as I remember there is no specific API for this. There is another tool that you can use. https://apps.meraki.io/en-US/apps/380817/datadog

alemabrahao · ‎Mar 6 2024

You can also check this through the dashboard. Why do you want to do it via API?

alemabrahao · ‎Mar 6 2024

If you have a Syslog server, your MX can send logs to it.

alemabrahao · ‎Mar 6 2024

Unfortunately you can only define the frequency, and I believe that via API it will be the same thing.

alemabrahao · ‎Mar 6 2024

Here are the available options. https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Summary_Report_Overview#Emailing_and_Scheduling_Reports

alemabrahao · ‎Mar 6 2024

Take a look at this discussion. https://community.meraki.com/t5/Wireless-LAN/MR-Access-Point-Integration-with-FortiGate/m-p/79617 And also this document. https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/2c24abee-23c3-11ed-9eba-fa163e15d75b/Cisco_Meraki_MR_Access_Points_v94.pdf

alemabrahao · ‎Mar 6 2024

Look, I'll be very honest, I've already configured 802.1x using Freeradius, NPS and ISE and I've never had any problems. There is probably some configuration missing in FortiAuthenticator, but unfortunately I don't have expertise with this tool. It would be interesting to open a support case with Fortinet.

alemabrahao · ‎Mar 6 2024

Actually it's not, it's expected behavior.

alemabrahao · ‎Mar 6 2024

Yes, you need to change the native VLAN to 113.

alemabrahao · ‎Mar 6 2024

Maybe it will help you. https://docs.fortinet.com/document/fortinac-f/7.2.0/cisco-meraki-mr-access-points-integration/174691/step-2-configure-meraki-ap

alemabrahao · ‎Mar 6 2024

alemabrahao · ‎Mar 6 2024

Refer the documentation. MR Meraki RADIUS 2.0 - Cisco Meraki Documentation Configuring RADIUS Authentication with WPA2-Enterprise - Cisco Meraki Documentation

alemabrahao · ‎Mar 6 2024

I'm sure that on Meraki's side there are no restrictions, in fact you need to open a ticket with Microsoft to see how to configure Intune. https://learn.microsoft.com/en-us/mem/intune/configuration/wired-networks-configure https://techcommunity.microsoft.com/t5/microsoft-intune/intune-802-1x-wi-fi-nps-and-user-pkcs-certificates/m-p/4028309

alemabrahao · ‎Mar 6 2024

The Location Heatmap no permite seleccionar dispositivos individuales por su dirección MAC. Proporciona una vista general de la actividad de ubicación en función de la presencia de dispositivos en el área. https://documentation.meraki.com/MR/Monitoring_and_Reporting/Location_Analytics

alemabrahao · ‎Mar 5 2024

Are both PC and server connected directly to the MX? If so, you have to configure the port where they are connected in their respective VLANs. This is actually a very simple setup.

alemabrahao · ‎Mar 5 2024

Yes, definitely. Do you have a MX? If the MX is the default gateway for each network, you don't need an additional configuration. Just to be sure, do you have any firewall rule? Also try disabling the local firewall on the machines.

alemabrahao · ‎Mar 5 2024

Yes, but the documentation is very clear that it will not stop working. The correct thing is to have the license, but the MX has no limitations.

alemabrahao · ‎Mar 5 2024

Local internet breakout is used when you do not want traffic to a certain destination to be sent over SD-WAN. The SD-WAN internet policy is used when you want traffic to a destination on the internet to go through one of the specific WANs. They are different features.

alemabrahao · ‎Mar 5 2024

Check the troubleshooting documentation. .https://documentation.meraki.com/MX/Client_VPN/Guided_Client_VPN_Troubleshooting/Unable_to_Connect_to_Client_VPN_from_Some_Devices

alemabrahao · ‎Mar 5 2024

https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance/AnyConnect_Licensing_on_the_MX#How_does_AnyConnect_licensing_work_with_the_Meraki_MX.2FvMX_appliance.3F

About alemabrahao

alemabrahao

Alessandro Abrahao

Community Record

Badges