Meraki

AjitKumar · ‎Dec 12 2019

Hi @Mr-cook I am afraid this is going be a challenge. We will not be able to establish warm spare with a /30 IP Pool unless we keep a NAT Router before the MXes. Ideally we request for a /29 IP Pool to ISP for such configuration.

AjitKumar · ‎Dec 12 2019

Hi @Mr-cook This should be there if we have "Advanced Security License"

AjitKumar · ‎Dec 11 2019

Hi @AlexG7 Fews ideas here. 1. Let us have a complex WPA2 Password and we do not share this Or / Plus 2. Hidden SSID Wireless > Configure > SSID availability Visibility - Hide this SSID Or / Plus 3. Deny Access to Network Services [Even if other devices gets through the above 2 will not have access to network] Wireless > Firewall & traffic shaping Layer 3 firewall rules Deny Any Any Network-wide > Clients Select Android TV - Policy - Whitelisted

AjitKumar · ‎Nov 28 2019

Hi @Mohammad The part number MA-ANT-20 seems to be correct. You may need to order 22 units. Each set includes 2 Antennas i.e 44 put together. Have a look on the following Video too. https://www.youtube.com/watch?v=UGOtrZguDvk Also refer the following datasheet https://meraki.cisco.com/lib/pdf/meraki_datasheet_antenna_omni_4_7dBi.pdf

AjitKumar · ‎Nov 25 2019

Hi @I_Naitoh 同様の質問で次のスレッドを確認してください。 https://community.meraki.com/t5/Wireless-LAN/WPA3-announced-Does-Meraki-have-any-plans-to-include/td-p/8945

AjitKumar · ‎Oct 9 2019

Hi @ShadowoftheDark I understand we are discussing about "Non-Meraki VPN" Confguration. Constructing tunnels with Meraki Auto VPN (between Meraki Devices) or Non-Meraki VPN (between Meraki and Non Meraki) are kind of easy. I believe the logs displayed on the Dashboard shall be relevant to your VPN only. I could see "failed to get sainfo" event Did you happen refer to following url (Lists down most of error events) https://documentation.meraki.com/MX/Site-to-site_VPN/Troubleshooting_Non-Meraki_Site-to-site_VPN_Peers Event Log: "failed to pre-process ph2 packet/failed to get sainfo" Error Description: The tunnel can’t be established and the following error is recorded in the event logs in the Dashboard “msg: failed to pre-process ph2 packet (side: 1, status: 1), msg: failed to get sainfo.” Error Solution: This can result from mismatched subnets in the IPsec tunnel definitions, typically a mismatched subnet mask. Check to be sure that the local and remote subnets match up on each side of the VPN tunnel.

AjitKumar · ‎Sep 25 2019

Hi @Htaha I understand this should be absolutely fine. Whether POE / Non-POE / 24 / 48 Port. I understand we can stack them together with "No issues". You may check the following Url for more information on Stack Compatibility & configuration. https://documentation.meraki.com/MS/Stacking/Switch_Stacks

AjitKumar · ‎Sep 25 2019

Hi @martijnwireless The only information I could search is the following. https://meraki.cisco.com/lib/pdf/eol/meraki_eol_mr34.pdf Seems MR42 is a replacement of MR34. So I believe "End of Sale Date" ie. October 31st, 2016 seems to be "Release date" for MR 42. I may not be correct though.

AjitKumar · ‎Sep 3 2019

Hi @Mule Could you please verify the "MAC Address" of the "Whitelisted" machine? Is it correctly Identified on the Dashboard?

AjitKumar · ‎Aug 30 2019

Hi @samgbuyi This url falls under the category of "Streaming Media". I see the following Options. Security & SD-WAN >Content Filtering > Blocked website categories > Streaming Media or Security & SD-WAN >Content Filtering > Blocked URL patterns > o2tvseries.com or Security & SD-WAN > Firewall > Layer 7 Firewall rules > Deny HTTP hostname > o2tvseries.com You may test the above settings and apply the desired ones. This can be applied globally or we may create a group policy (Network-wide > Group Policies) and apply to the respective client. If you have already created a "Group Policy" and applied it on devices. Please cross check the "MAC Address" + Applied "Policy" on the device under Network-wide > Clients.

AjitKumar · ‎Aug 26 2019

Hi @Wong I believe this may not be possible. One idea could be. You may install a "Router" between the ISP and MX84s and share the ISP with both MXes.

AjitKumar · ‎Aug 13 2019

Hi @dmiss The Meraki documentation suggest the following reason for this event. 802.11 disassociation: client has left AP - A client informed the AP that it should no longer keep the client in its association table. You may see this if the client has potentially gone into a hibernate state, a powered down state, or the client may have chosen to roam to another AP. Do you think this could be a reason? Few suggestions. Try "Disabling band steering" if already not. If you see lots of SSIDs in your Air Marshal scans. Try setting the Channel width to 20 if already not.

AjitKumar · ‎Aug 12 2019

Same here @PhilipDAth . I am in the middle of LDAP integration.

AjitKumar · ‎Aug 9 2019

Hi@bharris8800 As you know Meraki Products are managed from the cloud. On MS250 Switch if the Primary Link (MS250 Management Traffic) fails we loose the opportunity to make any configuration changes. The Local Status Page will not offer any routing feature. However you may manually change the IP Address & VLAN settings for the device to reach cloud. As @Nash suggests I understand MX.x will be a better option to achieve such requirements though.

AjitKumar · ‎Aug 1 2019

Hi @Hubble What all Meraki Gear do you have in your network? MX, MR , MS? Please share the Model No. too?

AjitKumar · ‎Aug 1 2019

Hi @Hubble, The steps suggested by @Nash shall certainly resolve the issue. You may also check the following 1. Organization > Change Log [To Verify any Block Events] 2. Wireless > Access Control - Assign group policies by device type [To verify Block policy by device type]

AjitKumar · ‎Jul 30 2019

Hi @AkilahIS Two things. One check the Organization - Change Log. To verify if the settings are modified. Two by any chance the devices are assigned with another VLAN and your Global Policy is applied.

AjitKumar · ‎Jul 29 2019

Hi @CKYI I am not sure if the following documents helps you with the information your are looking for. https://documentation.meraki.com/MX/Cellular/3G_-_4G_Cellular_Failover https://documentation.meraki.com/MX/MX_Overviews_and_Specifications/MX67_and_MX68_Overview_and_Specifications

AjitKumar · ‎Jul 28 2019

Hi @SCC With no experience with Meraki Cameras. Do you think creating "Video Walls" will be of some help? Hope you have read the following documentation. https://documentation.meraki.com/MV/Advanced_Configuration/Video_Walls

AjitKumar · ‎Jul 24 2019

Hi @zrunner626 I have not seen any of our clients wireless network with this behavior. As @PhilipDAth suggested "Block all access until sign-on is complete" should do the job. A piece of information from the below url says Once a device is authorized this method will not ask for authentication again for the permitted duration. May be your devices are already authorized. Could you verify this please? https://documentation.meraki.com/MR/Encryption_and_Authentication/Sponsored_Guest If a user disconnects and reconnects within the approved time, the device will automatically get internet access. If the user reconnects to the SSID after the approval period is expired the whole process will be repeated again. This function is currently limited to a maximum of 1 day (24 hours) per authorization. Note: Devices that have been authenticated for a specified duration cannot have their authentication manually revoked, and admins will have to wait for the authorized duration to end for access to expire. Devices are authorized by user accounts, and authorization applies to any device using the approved credentials.

AjitKumar · ‎Jul 24 2019

Hi @Mostofa You have various methods of on-boarding Guests on Meraki Wireless Networks Click-through Sponsored guest login (Preferred Option 1) Sign-on with Meraki Authentication (Preferred Option 2) Billing [Vouchers based access] You may choose any of the above options considering your organization policies. If you want to use vouchers/ coupons please check the following Url [You have all the steps to configure SSID and create vouchers] https://documentation.meraki.com/MR/Splash_Page/Configuring_a_Prepaid_Card_Billing_SSID

AjitKumar · ‎Jul 22 2019

Hi Shawn, I do not see much challenges with DIA. They are pretty reliable and they offer you uptime SLA, we have certainly good service providers here in India. Airtel & Tata to name a few. Having said that "You may consider 2 Links from 2 different Provider" and have a nice SDWAN Configuration. Added to this you may consider MPLS link too. However I do not see a great advantage here. Perhaps it all depends on how critical your services are.

AjitKumar · ‎Jul 22 2019

Hi @Screasey Greetings. I am getting ready to deploy a site to Chennai India. This is Ajit from India :). Let me know if you need any assistance. Is the MX device using DIA circuits reliable enough for this operation? DIAs are certainly reliable. There is an agreed SLA with the operator. Can I use an MPLS circuit in the MX device? Certainly you can use MPLS. You need internet service in the mpls circuit for MX to reach cloud and establish AutoVPN with other sites. I have a pair of MX 400's at the head end For HA.. You will need 3 IPs on each link .ie /29. Is it also possible to terminate an MPLS into the MX400? this would give me direct site to site. Hmmm. You may terminate MPLS on a LAN Interface by creating L3 VLAN. However internet is required for MX Management.

AjitKumar · ‎Jul 19 2019

Hi @Kirillg88 With my Limited Knowledge I can think of following Connectivity. May be @kYutobi can suggest mistakes in this diagram.

AjitKumar · ‎Jul 19 2019

Hi @IsraelFilho Yes I saw a similar message from @Uberseehandel on Monday. Below the is thread https://community.meraki.com/t5/Dashboard-Administration/One-or-more-of-your-Meraki-devices-are-unable-to-communicate/m-p/53903#M1882

About AjitKumar

AjitKumar

Ajit

Community Record

Badges