Community Record
14
Posts
2
Kudos
2
Solutions
Badges
Jul 13 2023
7:31 AM
I can't speak for the MR46's, but I have about 20 of the MR44 deployed in my organization. Environment is pretty open with low to medium density and they've shown to have great range and handle the traffic very well. The price vs performance difference between the two look to me like the MR44 is the better bang for you buck imo.
... View more
Jul 13 2023
7:17 AM
I second the client load balancing, depending on the environment. If you have an open space with quite a bit of overlap, this setting seems to cause more problems than it solves.
... View more
Jul 13 2023
7:15 AM
1 Kudo
We have a few older Surface Pros and they are a bear with the Meraki MRs. We had to update the firmware, and download the newest drivers and install manually outside of Windows Update. All the while our HP laptops and iphones were humming along perfectly. In our environment we had to disable WPA3 transition mode, turned off Client Balancing, and made some changes to the RXSOP settings to get them to properly roam. We have a large open warehouse space though.
... View more
I understand that's the easy route here, but I'd like to have this vlan cut off completely there and on the swtiches. I'm just trying to de-mystify the splash page. If I turn off the splash page, the vlan works well. Internet only and it's completely cut off with client isolation. I'm just missing a piece that's blocking the splash.
... View more
Ok community, I have an interesting issue. I'm attempting to move my guest network from the Meraki NAT to a bridged VLAN config (the reason for this is because Meraki NAT routes the traffic out through the management network to the internet, which on our firewall has no restrictions). So I've configured a VLAN and ACLs. I'll post them below. Long story short, the captive portal will not load and I can't find any documentation on where the Meraki captive portal actually resides or what I should add to the ACL to allow the captive portal. When I connect to this VLAN on the switch or from the WiFi without captive portal, everything swims along perfectly. I've tried the following troubleshooting steps: - Changed the SSID firewall setting to allow to LAN traffic - Removed the Client Isolation line of the ACL - Changed lines in the ACL to allow all traffic to and from the VLAN's Gateway address - Turned on Walled Garden and turned it off (Walled Garden says the Meraki splash is automatically allowed. I'm probably missing something really obvious here, but any help would be appreciated.
... View more
Jul 9 2023
2:33 PM
1 Kudo
Thanks everyone. From your responses, I looked into my browser and I have Malwarebytes Browser Guard turned on it it was filtering stuff from the Meraki dashboard. Turned off protection for the dashboard site and it worked exactly as you would expect with streaming new data into the save file. It's a great extension, but completely forgot about it running.
... View more
After some investigation on this issue, turns out the SSID's using the Meraki DHCP are essentially NATd out via the Management VLAN which has no inspection on our firewall which explains, in part, why Apple web based traffic was flowing fine through these SSIDs and the others were being inspected and subject to geoblocking. Resolution lied with adding an application policy for apple URLs on the firewall.
... View more
Jul 9 2023
1:03 PM
When taking a PCAP, I'll have the default 60 seconds for the length and wish to download to open in Wireshark. Most of the time, these pcap's download to my pc with seconds while the web interface says it's still in process, and the pcap file is not modified after that so instead of 60 seconds captured, it's just a few seconds. Anyone else experiencing this, and is there a setting or config I'm missing somewhere to take proper captures? Anyone try the CloudShark integration, and does that work with better results than the download option?
... View more
Labels:
- Labels:
-
Other
It's definitely not being blocked up stream on my firewall. I feel the other SSID that's using Meraki NAT and works rules that out as well. I do feel you're on to something with the iOS internet test. I turned off traffic shaping. I also have a L7 rule to block gaming. I may remove that as well to rule that out.
... View more
I'm using WPA2/3 transition mode shared passphrase on the SSID. On my phone I manually set the DNS server to google servers and didn't resolve the issue. I had traffic shaping enabled on it. Just tried turning it off. We'll see if that makes a difference. The only firewall rules I have on it are Allow to the LAN and blocking "P2P file sharing" and "Gaming". I may try turning those off if the traffic shaping doesn't fix it. Perhaps Meraki has a URL blocked in Gaming that would affect iOS from knowing it has internet connection?
... View more
I have a bridged SSID with a tagged vlan. DHCP is configured on the Meraki and it's handing out addresses with a local DNS server that's a Windows DC. DHCP is configured with option 15 and the text lists our domain name. Domain joined windows devices don't seem to have any problems. But iPhones will notify users that the WiFi does not appear to be connected to the internet and asks them if they'd like to keep trying or switch to cellular. When I select keep trying, I am getting internet on the iPhone. Apps load, sites, streams, etc. I keep thinking maybe it's something with the DNS server, but I have network app on my phone and I can query the server for all kinds of domains no issue. If I switch to an SSID that uses Meraki NAT, no issue. I don't mind Meraki NAT but this particular SSID has a lot of roaming clients and Meraki's documentation states to use the bridged mode for that to work best. Anyone run into this issue before?
... View more
Feb 15 2023
9:11 AM
In a previous life I was running Meraki APs with Cisco switches and we set the AP ports on the switches to trunk and portfast. I now have some MS switches and Meraki APs and I don't see the portfast option on the config. Should I disable RSTP on the trunk ports connected to the Meraki APs for a similar config or would a more experience Meraki admin recommend leaving RSTP enabled on those ports? The APs are MR44s with only a single port.
... View more
My Accepted Solutions
| Subject | Views | Posted |
|---|---|---|
| 2643 | Jul 9 2023 2:33 PM | |
| 1569 | Jul 9 2023 1:09 PM |
My Top Kudoed Posts
| Subject | Kudos | Views |
|---|---|---|
| 1 | 4850 | |
| 1 | 2643 |
