Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
About DennisS
Community Record
16
Posts
2
Kudos
1
Solution
Badges
No, guests are simply provided pre-printed credentials for the captive portal which is more than adequate. The challenge is managing corporate user WIFI experience against compliance requirements, because of this, we'll likely continue using ISE.
... View more
Nov 8 2022
6:57 AM
Hi DouggieFresh, How's this solution been working for you ever since it was deployed? You mentioned you needed to create a separate network for the MX84. Is that because you have different MX models in your existing network already and Meraki won't allow you to add a non-compatible model? We're going to run into the same issue. The network will have a pair of MX95 in HA mode with a primary & backup MPLS uplink to our data centers. The challenge is, how do we accommodate an internet circuit for local internet egress...
... View more
Oct 16 2022
9:01 AM
2 Kudos
That's not possible to control from the spoke side... That's the conclusion I'm coming to. The minute a unique prefix is advertised from one DC, spokes could end up taking the backup hub connection. And because our DCs exchange routes, DC "return" traffic prefers the spoke's primary AutoVPN connection due to MX prepending. Not a big deal right now since our DCs are the only egress points for internet traffic (did I mention this is a SDWAN MPLS deployment) so we simply advertise the default route to branch offices. Later on when we setup local internet egress, we'll need to advertise the same RFC1918 prefixes to spokes and let the DC COREs forward traffic accordingly. It's not idea since we'd prefer branch traffic to go directly to the respective DC but I don't see an alternative setup.
... View more
I upgraded 2 & 3 stacks all together without issue. My hunch is, as the number of member switches increase the greater the likelihood a member switches doesn't recover quick causing other(s) to not come up cleanly.
... View more
Mar 26 2022
10:59 AM
Thanks for the suggestion but it didn't make any difference on the PC. We also dropped the MTU on the MS350 stack, same results. We hopped on a Web-ex with Meraki support and it appears the MX67 isn't forwarding the TLSv1.2 negotiation between the client & Citrix front end server (sits behind an F5). What's odd is, there are other TLSv1 & v1.2 convs from various devices that are working fine. Meraki is reviewing logs and we're waiting for next steps to try.
... View more
Mar 14 2022
5:59 PM
This sounds similar to what I'm trying to test between our data center & a branch location. DATA CENTER We plan to deploy a pair of MX87 in HA Concentrator mode All branch office internet traffic back hauls to the data center across a pair of MPLS backbones BRANCH SITE Dual MPLS circuits terminating to dedicated traditional Cisco routers The plan is to deploy MX routers to replace the traditional routers I'm testing with a MX67 at the branch site. I setup ports 1 & 2 as internet connections & assigned each port the IP address of each CE router I disconnected the MPLS circuit from each routers and plugged them into ports 1 & 2 The MX67 never connected to the dashboard If I understand your solution correctly, I should... Configure ports 1 & 2 as LAN access ports Assign each to a unique Vlan then plug each circuit into ports 1 & 2 Ports 3 - 5 can be setup to connect to downstream switches The CE addresses are advertised into the respective carrier backbones via BGP so no additional static routing should be necessary...
... View more
My Accepted Solutions
| Subject | Views | Posted |
|---|---|---|
| 2722 | Oct 16 2022 9:01 AM |
My Top Kudoed Posts
| Subject | Kudos | Views |
|---|---|---|
| 2 | 2722 |
© 2025 Cisco Systems, Inc.
