@Max70  agreed it should be like this but i’m using pac also.   and the route preference for the meraki is  Directly Connected Client VPN Static Routes AutoVPN Routes Non-Meraki VPN Peers NAT* Since non meraki vpn peers are on number 5 then and then NAT come . It should choose non meraki vpn path and hence traffic flow through zscaler tunnel directly not through nating. ... View more

Are you using it now or earlier you have tried with MX name?   ... View more

you can't do it on MX now since there is another upstream device who is performing Nating. can you ask your ISP to do the Nating for you.   or there is another way i believe you can establish client vpn via MX name not with ip. it should work. ... View more

You are using private ip's it can't be possible without 1:1 nating .  ... View more

Are we sure that we have public ip configured on the MX? if yes try with server name this time not with the IP. ... View more

Are you using a public ip on MX interface? if yes, i don't think there will be any challenge. just follow below URL.    client vpn will establish through MX public ip go to Security & SDWAN>Uplink  to check the ip   https://documentation.meraki.com/MX/Client_VPN/Client_VPN_OS_Configuration ... View more

Absolutely right @RichardChen1 . I believe as of now you can't configure the policy for Non Meraki VPN peer.  ... View more

if you are running MS120 then your MX would be probably working as L3 Gateway. Check on your MX ARP table. This feature is unsupported by MS120 ... View more

@RichardChen1  you need to put your zscaler node ip under proxy setting to ensure your http and https traffic travels through zscaler.   or    you can download the pac file for that. ... View more

definitely you will be. where are these gateways configured  on MX65 ? if not then you need to put the static route in your mx pointing towards other device in the same subnet that tells you the path to reach to other network.  ... View more

so are you able to establish the tunnel with zscaler node? ... View more

My mx is running on the same 14.39 ... View more

MS120 port should be in access when it is going to computer. MS120 is L2 switch so you have to define the VLAN in MX65 by going into    Step 1: Security & SDWAN>Address & VLAN>  Add VLAN   Step 2: Now go to Security & SDWAN->Address & VLAN-> Per port VLAN setting and it should be trunk depend upon Native vlan you have configured like 1 or any   Step 3: Now configure the DHCP scope by Security & SDWAN>DHCP and run a DHCP server for selected vlan.   Now the MS120 part   Uplink to MX 65 will be trunk.   go to Switch> DHCP servers & ARP  and enter the MX65 mac address in Allowed DHCP servers box.     ... View more

that depends if you want the MR to be in the same subnet as the MS. Secondly if you want to configure the multiple subnet then you need to configure MS port as trunk or if you want to advertise only single subnet then it would be access port. ... View more

have you enable the dhcp server for MS subnet in the MX? ... View more

@SCC  below are the feature wise comparison between both the licenses.    ... View more

@GergelyK  Lucky you . In my MX 100 it is showing as 1940% loss   ... View more

Contact your Meraki reseller for the same. ... View more

@Lucifer  AP comes in repeater mode when it doesn't have the direction connection to the internet. Repeater mode AP could be a issue of bad cable, or bad power supply.   Sometimes rebooting the AP can fix the issue. ... View more

Another one. Yippie  ... View more

Since you are already working on cisco traditional network. Meraki is cisco cloud based solution. you can change/monitor your network from anywhere. Trust me you will love the technology.   Go for it.   But to keep one thing in mind which can panic you at the time of running your legacy + Meraki Network simultaneously.   Don't choose Native vlan other than vlan 1 between your Legacy uplink device to Meraki. Between Meraki you can choose native vlan anyone but between your legacy and Meraki it will cause an issue. ... View more