The Meraki Community
Register or Sign in
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
  • About Kyojuro
Kyojuro

Kyojuro

Conversationalist

Member since Dec 13, 2021

Tuesday
Kudos given to
User Count
MarcP
MarcP
1
View All

Community Record

14
Posts
0
Kudos
0
Solutions

Badges

First 5 Posts
Lift-Off View All
Latest Contributions by Kyojuro
  • Topics Kyojuro has Participated In
  • Latest Contributions by Kyojuro

Re: Very high proportion of CRC errors Meraki Switch

by Kyojuro in Switching
‎04-22-2022 02:21 PM
‎04-22-2022 02:21 PM
Turned out to be due to the SFP ... View more

Re: MX250 keeps dropping

by Kyojuro in Security / SD-WAN
‎04-22-2022 11:41 AM
‎04-22-2022 11:41 AM
Okay so I removed the direct cable and it was working fine for a couple days but now the dashboard just showing both MX unreachable even when everything is connected and working including client vpn, end point users, is something wrong with the dashboard on Meraki's side?  ... View more

very High CRC and packet Fragmentation

by Kyojuro in Switching
‎04-18-2022 01:50 PM
‎04-18-2022 01:50 PM
So our  MS225-24 is setup as a breakout switch with it up streamed to the ISP router providing 1G for us. When we first connected these together, we used a SFP-10G-T SFP module on the switch to connect (No sfp on ISP Router side) and saw our applications fail and show very High CRC and packet Fragmentation. However, when we got rid of the SFP and just connected on the 1G port of the Meraki Switch, everything seems fine. The Meraki  is set to auto negotiate and the ISP is telling  us their device is also set to auto negotiate  so I'm  not sure why it was failing. Any ideas?   ... View more
Labels:
  • Labels:
  • Other

Re: MX250 keeps dropping

by Kyojuro in Security / SD-WAN
‎04-11-2022 07:46 AM
‎04-11-2022 07:46 AM
So just remove the direct cabling and it should still function with the HA failover?  ... View more

Re: MX250 keeps dropping

by Kyojuro in Security / SD-WAN
‎04-10-2022 07:00 PM
‎04-10-2022 07:00 PM
Is the direct link still an issue even if the downstram switch ports do not include the VRRP VLAN? ... View more

MX250 keeps dropping

by Kyojuro in Security / SD-WAN
‎04-08-2022 02:51 PM
‎04-08-2022 02:51 PM
Hello,  I currently have an issue where both of our MX250s Primary and Secondary are becoming unreachable and dropping all connections for a couple of seconds at random times throughout the week. Both are on version 16.16 and they are connected via a direct connection with each other on an isolated vlan for VRRP.  Meraki performed a packet capture and was able to verify the MXs were working correctly.  Not sure at this point what the issue is.  I have tested pulling the power of the primary and it actually fails over correctly to the spare like it should but when the issue occurs, both mx250s go down at the same time.  I know it's not the WAN uplink connections for the MXs since they're on separate ISPs with separate public IPs.  Has anyone experienced anything similar?    Thank you.      ... View more
Labels:
  • Labels:
  • Firewall

Threat Protection Allow list files

by Kyojuro in Security / SD-WAN
‎03-14-2022 11:41 AM
‎03-14-2022 11:41 AM
Hello,  Can anyone help me understand how to use this function in Meraki AMP? Meraki states "  For files, javascripts, and other objects that are not URLs, the MX appliance assigns a unique ID. You can see the blocked items in the Event log page. By entering the ID of the object you want to allow in the Allow list files section you can instruct the appliance to allow the detected signature, even if the URL is different." I'm looking in the Event Log Page of the dashboard for any kind of Object ID and I'm not seeing anything like that. Is there somewhere  else I should be looking? Seems like there aren't any tutorials  for this on the web either.    Thank you.    ... View more
Labels:
  • Labels:
  • Firewall

Re: Block a port on WAN IP address on the MX in the firewall?

by Kyojuro in Security / SD-WAN
‎01-20-2022 10:22 AM
‎01-20-2022 10:22 AM
I need to block port 500 from all external IPs to the WAN IP address of the MX.  ... View more

Block a port on WAN IP address on the MX in the firewall?

by Kyojuro in Security / SD-WAN
‎01-20-2022 10:01 AM
‎01-20-2022 10:01 AM
Is there anyway to block a port for the WAN IP address on the MX in the firewall? Do I just put it in the layer 3? But isn't layer 3 only for LAN rules? Can I put in layer 7?   Thank you.      ... View more
Labels:
  • Labels:
  • Firewall

SD WAN WarmSpare Setup Question

by Kyojuro in Security / SD-WAN
‎01-04-2022 12:00 PM
‎01-04-2022 12:00 PM
Hello,  I'm trying to setup a HA failover for our SDWAN following this guide.  https://www.willette.works/mx-warm-spare/   My question for doing this is, when the failover SD WAN is connected locally to the primary SDWAN for the first time, will the SD WAN go offline and bring down the network in anyway while it's syncing with the secondary?      ... View more
Labels:
  • Labels:
  • Firewall

Group Policy Layer 3 Firewall Rule Comma Separated Ports?

by Kyojuro in Security / SD-WAN
‎12-27-2021 11:57 AM
‎12-27-2021 11:57 AM
I thought you could make a firewall rule with comma separated ports?  Or is this not possible in group policy?  Attached image is the error I'm getting. All of the ports in the comma separated port list are in the range of 1-65535.  ... View more
Labels:
  • Labels:
  • Firewall

Re: Apache Log4j Vulnerubility

by Kyojuro in Security / SD-WAN
‎12-22-2021 12:49 PM
‎12-22-2021 12:49 PM
All SD WANS are MX68s.  All running same firmware (current version) Arctic Wolf.  ... View more

Apache Log4j Vulnerubility

by Kyojuro in Security / SD-WAN
‎12-22-2021 10:03 AM
‎12-22-2021 10:03 AM
Our SD WAN got flagged for  Apache Log4j 2.0.x < 2.15.0 RCE Vulnerability (HTTP, Log4Shell) - Active Check In our Security Monitor but none of the other SD WANs got this Vulnerability . Anyone familiar with this?    Thank you.    ... View more
Labels:
  • Labels:
  • Firewall

Opening Ports for Static Route

by Kyojuro in Security / SD-WAN
‎12-13-2021 12:21 PM
‎12-13-2021 12:21 PM
We currently have static route in the MX250 in place at Addressing and VLANs. We want to setup firewall rules that specify which ports these routes can access both in bound and outbound. How can we set this up in Firewall? I know that Meraki is setup to deny all inbound connection unless allowed by outbound. Is it common practice  to deny all outbound connections in the firewall and only allow wanted outbound connections?  ... View more
Labels:
  • Labels:
  • Firewall
Kudos given to
User Count
MarcP
MarcP
1
View All
custom.footer.
  • Community Guidelines
  • Cisco Privacy
  • Khoros Privacy
  • Privacy Settings
  • Terms of Use
© 2022 Meraki