Meraki

Community
  • About ShaunB93

About ShaunB93

Re: Internal DNS server for proxy to upstream DNS

by in Security & SD-WAN
Monday
Monday
Also worth mentioning in case you are in this scenario.   If your client machines are running Cisco Secure Client with the Umbrella module, it is possible that your internal domains are configured within Umbrella as per Cisco Security In this case, DNS queries for configured Internal Domains are sent locally, all other DNS queries are sent directly to the Umbrella resolvers - these queries will be encrypted by default and thus the local MX is not able to see within the packets. The solution we use here is to use the L3 outbound firewall rules on the local MX to block encrypted DNS from the clients to the Umbrella resolvers whilst also excluding the Umbrella resolvers from the VPN full tunnel.  The client will fallback to sending unencrypted DNS queries to the Umbrella resolvers and the local MX will be able to observe the query and response for consideration of DNS-based VPN full-tunnel exclusion rules.  ... View more

Re: Proof of Concept: Routed Mode vMX in Azure on MX 19.1 with Advanced Sec...

by Kind of a big deal in Cloud Security & SD-WAN (vMX)
2 weeks ago
2 weeks ago
You have to delete the VMX, change the config in the Meraki Dashboard, and re-deploy the VMX. ... View more

Re: MX 26.1.1 - First beta

by in Security & SD-WAN
3 weeks ago
3 weeks ago
what is  VPN full-tunnel exclusion now includes source-based and NBAR application-based exclusion definitions. ... View more

Re: Access Manager Configuration EAP-TLS

by in Dashboard & Administration
‎Oct 29 2025 6:47 PM
‎Oct 29 2025 6:47 PM
Following the thread.. ... View more

Re: Configuring the Meraki vMX in Azure for Routed Mode with LAN/WAN Separa...

by in Cloud Security & SD-WAN (vMX)
‎Oct 10 2025 2:55 PM
‎Oct 10 2025 2:55 PM
In routed mode 19.x - vmx-LAN and vmx-WAN should be separate subnets under your workload vnet.  then in your host subnet under that vnet you can then change routetable to make the default 0.0.0.0/0 to point to the vmx-LAN IP.   just make sure that you have the proper meraki "addressing & VLANs" settings are applied in the meraki portal. LAN config correctly set to your azure provided vlan interface IP  static routes set to the workload vnet subnets (where the virtual machines are) with the next hop IP as the azure subnet route IP (not the vmx subnet LAN ip) referring to this section: When configuring your vMX appliance within an Azure subnet, it's crucial to understand Azure's IP address reservation scheme. Azure reserves the first four IP addresses in each subnet for essential network functions. For example, in the 192.168.1.0/24 subnet:   192.168.1.0: Network address 192.168.1.1: Azure default gateway 192.168.1.2: Azure DNS 192.168.1.3: Azure DNS     ... View more

Re: [CONTEST ENDED] It’s the Great Swag Giveaway!

by in Community Announcements
‎Aug 9 2025 9:25 AM
‎Aug 9 2025 9:25 AM
So why then organize a contest and write that your closet is bursting with gifts and everyone who leaves a comment will receive them. But how is it really? Half of them received them? How many did not receive them? I'm waiting 3 weeks instead of 3 days to read that you didn't calculate.?(( ... View more

Re: Meraki Secure Connect + Cloud WAN

by Kind of a big deal in Security & SD-WAN
‎Jun 2 2025 4:07 PM
2 Kudos
‎Jun 2 2025 4:07 PM
2 Kudos
You don't really need a VMX anymore with SecureConnect (if you are only using it as an AutoVPN hub).  You can build a VPN directly between Umbrella and an Amazon AWS VPN Gateway. https://docs.umbrella.com/umbrella-user-guide/docs/cisco-umbrella-data-centers   Otherwise, there is nothing special to it.  Just connect it like any other hub. https://documentation.meraki.com/CiscoPlusSecureConnect/Cisco__Secure_Connect_Now-_Sites     ... View more

Re: IP Restriction for Azure Cloud on Meraki MX75, MX105

by Kind of a big deal in Security & SD-WAN
‎May 16 2025 4:36 AM
‎May 16 2025 4:36 AM
Hi,   You can deploy an Azure Function App or Logic App to a dedicated App Service Plan with VNET integration, and then route outbound traffic through an Azure NAT Gateway or Azure Firewall with a static public IP by whitelisting this static IP in your Meraki dashboard. This configuration ensures that all API calls to Meraki originate from a fixed, known IP.   Here is a discussion that might be of interest to you.   Need Cisco Meraki firewall logs on sentinel - Microsoft Q&A ... View more

Re: [Service Notice] Unexpected MX reboots

by Meraki Employee All-Star Meraki Employee All-Star in Security & SD-WAN
‎Apr 30 2025 2:24 AM
1 Kudo
‎Apr 30 2025 2:24 AM
1 Kudo
Hey @JanJonsson , can you send me a direct message with the case number? I'll have a look 🙂    Giac ... View more

Re: Recognizing the December 2024 Members of the Month

by Kind of a big deal in Community Announcements
‎Jan 12 2025 11:20 AM
‎Jan 12 2025 11:20 AM
Well done everyone, a great way to finish 2024! ... View more

Re: vMX resources group creation error

by in Cloud Security & SD-WAN (vMX)
‎Dec 19 2024 5:28 AM
‎Dec 19 2024 5:28 AM
thank you, ... View more

Re: Cloud Archive License Renewals Confusion - Co-Term or Per-Device?

by in Smart Cameras
‎Jul 30 2024 10:12 AM
2 Kudos
‎Jul 30 2024 10:12 AM
2 Kudos
Unfortunately, unless things change at Meraki, I think you're going to be in the same position I was -- Meraki will insist that you have to renew your entire dashboard *including* the 10 CA-90 licenses that still have a year's worth of value on them. Fingers crossed that they've fixed this before your renewal in 2 years! (Honestly, I don't know how this hasn't become a bigger issue if everyone using CA runs into this out of sync licensing renewal issue) ... View more

Re: Monitoring MX from Solarwind

by in Security & SD-WAN
‎May 23 2024 11:35 PM
‎May 23 2024 11:35 PM
Thanks Shaun. yeah did the ICMP in the end.. very limited on the meraki unfortunately. Also trying to have meraki send alerts to our soar automation using playbooks to ingest tickets into our backend ticketing system.. but unable to separate security events from the WAN appliance with normal switch/wireless events on meraki side, which means more playbook customization 😞 ... View more

Re: VMX on VMware/HyperV ?

by in Cloud Security & SD-WAN (vMX)
‎May 18 2024 2:10 PM
‎May 18 2024 2:10 PM
Thanks for all the answers. But it sounds like you all have the same answer as I myself suspected. well if we are lucky maybe there will be a beta soon. @BrickBR I agree with you and what you say is kind of what I'm after. ... View more

Re: Random 403s on GetOrganizations from IP Restricted Org

by Meraki Employee in Developers & APIs
‎May 17 2024 11:43 AM
1 Kudo
‎May 17 2024 11:43 AM
1 Kudo
The error indicates the source IP you are running the call from is blocked on the destination organization. Unfortunately the API call is terminated by 403 from that organization preventing the other organizations from populating.  The IP restriction needs to be lifted.    However, if it is intermittent as you suggested then more investigation needs to be done to determine while IP the API call is coming from when it succeeds and fails.  ... View more
My Accepted Solutions
View all
© 2025 Cisco Systems, Inc.