Meraki

Community

About ESMichal

Re: MX High-Availability Pair IPv6 Support

by in Security & SD-WAN
‎Jun 11 2024 4:24 AM
4 Kudos
‎Jun 11 2024 4:24 AM
4 Kudos
Lack of IPv6 support in warm-spare topology has been blocking us from deploying IPv6 on all of our networks for 2 years. ... View more

Re: Security appliance MX 18.211 Release

by in Security & SD-WAN
‎May 20 2024 12:46 AM
‎May 20 2024 12:46 AM
After the upgrade to 18.211 large portion of our clients were not able to use internet because of DNS problems on the MX gateway: Client made a request to the DNS server, but it did not respond (no_dns_response).   We use DNS passthrough option: Client -> MX Gateway -> Google DNS. There are two gateway in hot-standby mode   We rolled back to 18.208 and the DNS issue seems to be gone. Edit: We do have one high priority traffic shaping rule enabled. ... View more

Re: Wi-Fi Clients being Disassociated due to "excess frame loss"

by in Wireless
‎Feb 17 2023 2:52 AM
1 Kudo
‎Feb 17 2023 2:52 AM
1 Kudo
MacBooks. I have reports from people using Apple Silicon devices with macOS 13 installed. Apple Silicon Macs support all the fancy Wi-Fi roaming features including the 802.11v so it could be a factor. ... View more

Re: Wi-Fi Clients being Disassociated due to "excess frame loss"

by in Wireless
‎Feb 17 2023 1:27 AM
‎Feb 17 2023 1:27 AM
Hey there. Similar situation here. We reached out to Support but L1 informed us about no known issues with 29.4.1 firmware. I asked for escalation of our case. If I don't hear back from them soon we plan to do the downgrade as well. Bad thing is one can not troubleshoot the issue after a downgrade. ... View more

Re: Wi-Fi disassociation reason code when password based RADIUS authenticat...

by in Wireless
‎Oct 11 2022 12:20 AM
2 Kudos
‎Oct 11 2022 12:20 AM
2 Kudos
Hey Raphael. Thank you for the reply.  I think I was mistaken (or confused or something has changed) because last time I tried (week ago) I got the correct reason code from Meraki AP.   So at this point I believe Apple and its UI is to blame.       ... View more

Re: MX IPv6 WAN failover

by in Security & SD-WAN
‎Sep 14 2022 1:00 AM
‎Sep 14 2022 1:00 AM
I've opened a support ticket for this. Apparently latest MX firmware does not include any support for IPv6 failover. I've also sent a feature request via "Give your Feedback" button in Meraki console.   If anyone is in the same spot please send with feature request as well. ... View more

MX IPv6 WAN failover

by in Security & SD-WAN
‎Sep 6 2022 12:21 AM
‎Sep 6 2022 12:21 AM
Is there a way in current beta firmware 18.x or 17.x to configure warm-spare failover on WAN for IPv6?   - Virtual IP (VRRP) seems to be available only for IPv4 - MX router can not function as a BGP peer with ISP   Only way I see with current feature set is to delegate the routing completely to ISP. They would have to configure two routes to my IPv6 prefix. Give them different priorities (so the traffic goes through the primary MX) and monitor the link states so they know when to do the failover (when Primary MX goes down) .   ... View more
Labels:

Wi-Fi disassociation reason code when password based RADIUS authentication ...

by in Wireless
‎Aug 18 2022 4:05 AM
‎Aug 18 2022 4:05 AM
We use Cisco Meraki APs with WPA2 Enterprise authentication againsts remote RADIUS server with EAP-TTLS + PAP.   When user provides wrong credentials (bad password), RADIUS sends Access-Reject message to the AP. AP the disassociates the endpoint providing reason code 8. Reason code 8 means "Disassociated because sending STA is leaving or has left Basic Service Set (BSS)." That is a very generic response. In the list of possible reason codes there is also code 23: "IEEE 802.1X authentication failed.". At first look this seems to be more appropriate code to send.   https://www.cisco.com/assets/sol/sb/WAP371_Emulators/WAP371_Emulator_v1-0-1-5/help/Apx_ReasonCodes2.html   Questions: - Is code 23 suitable for this situation? - Is Cisco Meraki AP capable of sending code 23? - Why does not AP send the code 23? ... View more

Re: IOS - Invalid_PMKID

by in Wireless
‎Aug 4 2022 5:09 AM
‎Aug 4 2022 5:09 AM
We have it set to enabled. We observe PMKID errors mostly with first gen M1 machines which should support 802.11r. ... View more

Re: IOS - Invalid_PMKID

by in Wireless
‎Aug 4 2022 12:33 AM
‎Aug 4 2022 12:33 AM
We are seeing the same issue on our network with Macs (Everything up-to-date Monterey). Some of them use 802.11r without an issue but with others we see quite a lot `invalid_pmkid` errors in Meraki connection log. ... View more
My Accepted Solutions
View all
© 2024 Cisco Systems, Inc.