Meraki

Ben0391 · ‎Jul 5 2023

Hi Sander, thanks for your reply. At the moment this is our configuration: Each VLAN is the ip address range for one building. All APs in this building are configured with the tag use_vlanxx. If a client is roaming now from one building to another, the IP address keeps initially the same (as in old VLAN) and no communication is possible. Is this the expected behaviour? At the moment, only the required VLAN of the building of the corresponding MR-device is configured on the switch. Would it work if I make all VLANs known on the switch port? Or can the tagged access point actually only work with the VLAN assigned to it? Thanks, Ben

Ben0391 · ‎Jul 5 2023

Hi everyone, we have one SSID which is distributed to all access points and uses its own VLAN per building. This means that I distribute a separate tag to the access points per building, so that only a specific VLAN is used at this point. This works so far fine. What is the behavior when a device moves from one building to another? Does the corresponding VLAN (of the "home-building") also have to be present at the switch port to which the access point is connected? Or does the access point tunnel the connection in some way? Thanks for your answers, Ben

Ben0391 · ‎Jun 1 2023

Hi. We are currently experiencing similar issues with a handful of users. Do you think it is a Windows-caused problem? edit.... I have found various threads on this topic in the forum. It seems to be a windows update... https://community.meraki.com/t5/Security-SD-WAN/Windows-11-Very-Slow-VPN-Connection/m-p/125179#M31142

Ben0391 · ‎May 5 2022

I have tried it with "whitelisted", but I get still the Splash Page Any other suggestions? For me this would be the easiest way to handle this.... iPSK without Radius is unfortunately not an option for us. But thanks for the link.

Ben0391 · ‎May 5 2022

Hi Marc, thanks for the quick reply. On the last Screenshot you can see, that for the last SSID a group policy is applied. The screenshot earlier shows the settings in the group policy? Does this work?

Ben0391 · ‎May 5 2022

Hello all, I have tried to configure MAC-based authentication to a SSID without logging in to a splash page. I have used this manual: https://documentation.meraki.com/MR/MR_Splash_Page/Using_a_Sign-on_Splash_Page_to_Restrict_Wireless_Access_by_MAC_address Basically, I see the SSID and when I connect to a device, I see the splash page. For all unathorized users everything is fine. For authorized users, who should be able to use the SSID I have created a group policy with "Bypass Splash-Page"-setting and bandwith limits: This group policy is configured for the SSID on the clients settings: In my opinion, with this setting the client should connect automatically, i.e. without logging into the splash page with the SSID? Or have I misunderstood something here?

Ben0391 · ‎Jan 12 2022

https://community.meraki.com/t5/Security-SD-WAN/Client-VPN-Error-After-January-Windows-Updates/m-p/137098#M34398

Ben0391 · ‎Jan 12 2022

worked for me as well. The Win11 Update should be KB5009566

Meraki

Community

About Ben0391

Ben0391

Community Record

Badges

Re: Roaming behaviour with an SSID with several VLANs

Roaming behaviour with an SSID with several VLANs

Re: Meraki Client VPN

Re: Using a Sign-on Splash Page to Restrict Wireless Access by MAC address

Re: Using a Sign-on Splash Page to Restrict Wireless Access by MAC address

Using a Sign-on Splash Page to Restrict Wireless Access by MAC address

Re: VPN Connection error 789 after update

Re: Client VPN Error After January Windows Updates

Re: VPN Connection error 789 after update

Re: Client VPN Error After January Windows Updates

Re: Meraki Client VPN

Re: VPN Connection error 789 after update