Hi all,   I did a switch migration test over the weekend and ran into an issue with our (6) MS250-48P switch stack not being able to reach the Meraki cloud and no internal endpoints reaching outside our network. We are switch from a standard Cisco switch to this new meraki switch. To give a bit of our topology background, Our existing "core" Cisco Catalyst 4510R switch does all of our layer 2 routing for our building but just 1 port has the ISP uplink which connects over to our Palo Also firewall interface to filter traffic. The firewall then routes back to the switch. I know this is a weird setup to have switch first then firewall but this is just how it was setup when I was here. On the MS250, The switch port for the uplink has been set to trunk with no native vlan set as well as an access port with vlan 100 to firewall traffic to our firewall. The firewall interface is assigned as trunk with no tag.    For some reason internet was not accessible with this setup but internal traffic was being routed. I talked with the meraki tech and he was puzzled as well. He mentioned it could be related to bridge priority not being set properly but even when we set that up still no internet. I am curious if someone has run into this issue as well or if anyone has an idea to make this work. Thanks!   EDIT: Added a topology image for reference to better explain my setup.   ... View more

Hi all we we ordered 6 new MS250-48P Meraki switches. We already paid for them and just planning out how best to set them up given our existing firewall setup.   To give a bit of background I work for a small non-profit with 1 office who does not have the biggest budget but enough so we can get something like these switches. Our server room consists of 1 rack for networking. We use 2 HA firewalls for our routing of traffic and VLAN creation so the majority of heavy lifting is done by our firewall. We currently have and are replacing a Cisco Catalyst 4500 series which has 6 blades  (thus the 6 switches) which was used an as access layer switch besides only 1 port feeding into our firewall for the uplink. We dont plan to have another ISP for redundancy and are a hybrid wfh office so if we did lose internet in the building everyone can go home until we can swap out the switch for another. Given that background I wanted to know what your thoughts are on setup of these new switches. Ideally any potential for redundancy without a significant cost increase would be great. Below is a rough topology of what I was thinking with a daisy chain layout. Not sure if that would be best though given if one switch goes down, the others don't get traffic.       This is my first time swapping out networking switches and networking gear of any kind so I want to make sure this is setup properly. If you have any suggestions and something that is totally wrong please let me know. Thanks! ... View more