Following the thread.. ... View more

In routed mode 19.x - vmx-LAN and vmx-WAN should be separate subnets under your workload vnet.  then in your host subnet under that vnet you can then change routetable to make the default 0.0.0.0/0 to point to the vmx-LAN IP.   just make sure that you have the proper meraki "addressing & VLANs" settings are applied in the meraki portal. LAN config correctly set to your azure provided vlan interface IP  static routes set to the workload vnet subnets (where the virtual machines are) with the next hop IP as the azure subnet route IP (not the vmx subnet LAN ip) referring to this section: When configuring your vMX appliance within an Azure subnet, it's crucial to understand Azure's IP address reservation scheme. Azure reserves the first four IP addresses in each subnet for essential network functions. For example, in the 192.168.1.0/24 subnet:   192.168.1.0: Network address 192.168.1.1: Azure default gateway 192.168.1.2: Azure DNS 192.168.1.3: Azure DNS     ... View more

So why then organize a contest and write that your closet is bursting with gifts and everyone who leaves a comment will receive them. But how is it really? Half of them received them? How many did not receive them? I'm waiting 3 weeks instead of 3 days to read that you didn't calculate.?(( ... View more

Is this a supported use case from Meraki? Other NVAs go deep into use cases that cover this sort of thing, but east/west VNET routing to the VMX as a gateway is glanced over in all Meraki documentation, while they simultaneously advertise it as being a simple way to manage your cloud environment. ... View more

TIL! Thanks.  ... View more

Hi,   You can deploy an Azure Function App or Logic App to a dedicated App Service Plan with VNET integration, and then route outbound traffic through an Azure NAT Gateway or Azure Firewall with a static public IP by whitelisting this static IP in your Meraki dashboard. This configuration ensures that all API calls to Meraki originate from a fixed, known IP.   Here is a discussion that might be of interest to you.   Need Cisco Meraki firewall logs on sentinel - Microsoft Q&A ... View more

Hey @JanJonsson , can you send me a direct message with the case number? I'll have a look 🙂    Giac ... View more

Well done everyone, a great way to finish 2024! ... View more

thank you, ... View more

Unfortunately, unless things change at Meraki, I think you're going to be in the same position I was -- Meraki will insist that you have to renew your entire dashboard *including* the 10 CA-90 licenses that still have a year's worth of value on them. Fingers crossed that they've fixed this before your renewal in 2 years! (Honestly, I don't know how this hasn't become a bigger issue if everyone using CA runs into this out of sync licensing renewal issue) ... View more

Thanks Shaun. yeah did the ICMP in the end.. very limited on the meraki unfortunately. Also trying to have meraki send alerts to our soar automation using playbooks to ingest tickets into our backend ticketing system.. but unable to separate security events from the WAN appliance with normal switch/wireless events on meraki side, which means more playbook customization 😞 ... View more

Thanks for all the answers. But it sounds like you all have the same answer as I myself suspected. well if we are lucky maybe there will be a beta soon. @BrickBR I agree with you and what you say is kind of what I'm after. ... View more

The error indicates the source IP you are running the call from is blocked on the destination organization. Unfortunately the API call is terminated by 403 from that organization preventing the other organizations from populating.  The IP restriction needs to be lifted.    However, if it is intermittent as you suggested then more investigation needs to be done to determine while IP the API call is coming from when it succeeds and fails.  ... View more