Community Record
39
Posts
4
Kudos
0
Solutions
Badges
Apr 3 2024
2:20 AM
Are you sure that the cabling is OK? If you ruled that out then ... In rare circumstances, there are UDLD errors and spanning tree errors caused by a physical issue at the component level on only MS120's. It seemed to mainly be effecting ports 10/11, but after searching I do see some other scenarios where this happened with ports 3. The issue should only impact negotiation at 10 and 100mbps
... View more
There are MS120 switches that have a (small) chance on hardware issues at the chip level, resulting in neighbouring ports like 10/11 or 2/3, seeing eachother. Resulting in spanningtree blocks, and UDLD errors, and ports having intermittent connectivity. This issue is acknowledged by Meraki, but in the case i have opened Meraki can not give details like production batches or serial numbers of switches that are sensitive for this bug. We have an organizaton with 500 MS120-24P switches, where now around 15 - 20 switches are hit by this bug. These switches are around 3 years in use at the customers sites now, production - i guess - around beginning or halfway 2020 I wonder if anyone here has experienced this issue and has more details.
... View more
Labels:
- Labels:
-
Interfaces
-
Layer 2
Dec 1 2023
1:59 AM
Thanks, I guess my real question is: will the MX keep its own table of dns hostnames <> ip addresses, does it update this by its own initiative or is it relying on / waiting for clients doing (readable) DNS requests? Or, in other words: what (if anything) exactly "breaks" when clients start doing DNS over TLS?
... View more
Nov 30 2023
2:41 PM
We have outbound access lists in MX's with hostnames (and also ip addresses / ranges). We also have (android) clients that do DNS requests over TLS to google's DNS (8.8.8.8 over port 853). Are these 2 compatible with eachother? Because i don't see how this can work - the MX has no way to know if a client is trying to access an allowed website. Should we just block port 853 and force the client to choose normal dns?
... View more
Nov 28 2023
6:09 AM
1 Kudo
For MX68's, since not very long you can see what client is connected to what MX68 port in the Clients overview.
... View more
Jul 18 2023
12:09 AM
What was exactly changed in this sizing guide, with what firmware change?
... View more
Mar 23 2023
2:43 AM
Webinterface or API? The reason for my remark is that the API interface api.meraki.com seems to have changed their supported TLS cipher suites a few days ago without any warning... .
... View more
Feb 10 2023
2:43 AM
Thanks, On the vMX in AWS there already is a manual NAT configured.
... View more
Feb 6 2023
1:23 AM
Thanks for your reply. Did you do any troubleshooting, like firmware upgrading, opening a case with Meraki / AVM etc? We have 6 HUB's and 320 spokes with an MX67 behind a Fritzbox 7590. Somehow autoVPN issues on multiple locations started last week, affecting only the autoVPN to 1 of the 6 hubs. Making an exposed host could be an option, but we would have to disable the DHCP client on the MX. Not something i'm looking forward to do.
... View more
Feb 3 2023
4:24 PM
It looks as if the Fritzbox 7590 xDSL ISP router is not fully compatible with Meraki's AutoVPN mechanisms. We have major issues with MX67 spokes connecting to a vMX hub in AWS. Tunnels going down and staying down until we reboot the MX or the Fritzbox. Does anyone have the same experience?
... View more
Labels:
- Labels:
-
Auto VPN
Nov 30 2022
12:47 PM
Support can only advise to create a new organisation in the correct area and then to move the devices.. There are 1k networks and 5k devices in this org. Could this be accomplished with an api application? Someone who build it already?
... View more
Nov 30 2022
5:15 AM
What could be the impact on the performance of the network when for example an european organisation was (by mistake) created in / is hosted in US? - api calls that take several 100ms more per call ? - config changes? - (massive) firmware upgrades / template changes that take longer? - slower failovers in redundant situations? - slower snmp / webhook / syslog alarming / logging - user interactivity at the dashboard Anything i forget? Has Cisco/Meraki any plans to make moving an organisation to another datacenter on the globe possible?
... View more
Nov 22 2022
8:21 AM
On a template based MX68 based organisation, the / Addressing & VLANs page of the template, the numbering starts with Port 2. Can someone tell me if this port 2 is actually the first LAN port (next to the 2 Internet/WAN ports) ? Or is port 2 really the second WAN port?
... View more
Nov 11 2022
6:58 AM
Is there a web site available where i can input the serial no. of the MS120-8LP and see if my power supply is affected? Appearently this is possible for Meraki engineers if i read this article, but we have approx 3000 of these in the field. https://documentation.meraki.com/General_Administration/Support/MS120-8LP-HW_Power_Supply_Proactive_Replacement_Overview_and_FAQ I also would like to know if there is any risk on: - firehazard - safety of users - safety of connected equipment on the switchports - is there any risc of the MS120-8LP switch being damaged?
... View more
Sep 16 2022
12:43 AM
We manage 24 organisations totalling >15.000 Meraki devices. Most of them are not filtered, but some are. It would be extremely helpful to have some kind of more detailed report on which (online) devices can not connect to the new ranges. Furthermore, in the email it was stated that there already was a mailing regarding this change in februari, but i never received that one. This possible hi-impact change on such a short notice of only 2 weeks is really bad operating practice, in my humble opinion. I opened a case, but a case is always coupled to a single organisation. We hope to have a more general solution really soon. more questions: - Are there ip addresses in the new ranges that we can ping to test connectivity? - is it also possible to test the connectivity using API's?
... View more
Sep 15 2022
9:06 AM
We also got the same email re. a 800 sites network, and i wonder how to find out WHAT site is causing this warning.
... View more
Jul 12 2022
7:42 AM
Opened a case. The response i got back from Meraki is that: - there is no switch ASIC in these MX68 / MX65 devices, and therefore these options are not available - this is also not possible using API Best i could do was to submit a feature request..Did that.
... View more
MX65 and MX68 have 10 port switches aboard, but these are not dashboard manageble the way that a dedicated MS switch is. At least - i haven't found out how to: - do a TDR test - see errors / collisions - see what mac address lives behind what port - up/down 10/100/1000 history of a port etcetera... - Is this perception correct or am i missing something here? - Are there any plans to implement this? - Are API calls available to give this insight at every individual switchport in an MX65 / MX68? I'm managing a retail organization with 500+ MX68's and really need insight in the usage of these ports.
... View more
Labels:
- Labels:
-
Interfaces
-
Layer 2
Jun 7 2022
7:07 AM
I ran into the same issue when trying to add an MG to a network and opened a case: ====================================== This is actually expected behaviour. Bound networks are unable to add new device types without being rebound to a template Unfortunately, we only have a single fix for this which is documented below. I'm afraid it's considered disruptive configuration change and is recommended to be done during a maintenance window. https://documentation.meraki.com/MG/MG_Best_Practices/MG_Templates_Best_Practices#Adding_an_MG_into_a_Bound_Network =================================================================================== Could such an action be executed by an piece of software that uses API calls? Anybody aware of such an application?
... View more
Jun 3 2021
12:16 AM
Thanks for your extensive answer! We are already testing and punching holes in the firewall , using the developer tools. Will update this topic.
... View more
May 27 2021
5:36 AM
Thanks for the reply. These firewall rules are meant for *Meraki devices* needing access to the Meraki dashboard. I need the rules needed for management access (browser, API calls etc.) to the dashboard. This is for a workstation needing access to *and only to* the meraki dashboard.
... View more
May 25 2021
1:24 PM
Hi, We need the ip addresses or address ranges that we can use to access the dashboard. Both for API access and regular browser access. We manage Meraki networks at several large and small organizations. I can find the access rules for Meraki devices, but i need the access rules for management.
... View more
May 21 2021
12:49 AM
About 30 years ago i was a field engineer. Had to go to a customer - employee of a large insurance company - to do a small modification on a dialup-modem. The modem sometimes started to dialin by its own, causing high phone bills. Usually we only did business-to-business visits, so only offices, retail locations etc., But this time i went to a private house. The male employee was on the road, i was alone with his wife. She started talking and making advances to me while i was doing the modification.... Of course i ... [text deleted by moderator..]. ===================== Oh yes, does anyone remember the "my network is slow!!!" complaints, just to find out that the central Windows NT server was running an OpenGL moving screen saver that was consuming all CPU power of that server...?
... View more
Feb 1 2021
2:23 PM
Is there any chance that support for a secondary IP range will be implemented in the next few months?
... View more
Nov 16 2019
1:35 AM
I have personally given many pieces of Cisco hardware a new life by rescueing them from a schredder-death, cleaning, testing and giving them a new life to CCNA/CCNP student's lab enviroment. I really wish the same could be done easily for Meraki equipment....
... View more
My Top Kudoed Posts