Meraki

Community
  • About PhilipDAth

About PhilipDAth

Re: ap won't book becuase of console

by Kind of a big deal in Wireless
6 hours ago
6 hours ago
Is the AP behaving now? ... View more

Re: Firewall rules - applying to specific vlans

by Kind of a big deal in Security & SD-WAN
9 hours ago
2 Kudos
9 hours ago
2 Kudos
I feel where you are coming from @CarlT , as the Meraki approach seems different.   As @ww has said, you can create firewall rules in a group policy and apply them to a VLAN.  HOWEVER, these are stateless.  You have to have rules that allow return traffic.   As @alemabrahao has mentioned, you can do this with the outbound firewall rules. These are stateful. I use this approach the most.   You can also take a more holistic view, and if you have mostly Meraki kit with C9300 switches, you can also use Adaptive Policy.  This lets you apply tags to devices, and then the traffic is filtered as it enters the port of the network.  This is the info on using ACLs with Adaptive Policy. https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Adaptive_Policy_Configuration_Guide#Creating_Custom_ACLs   Personally, for my larger clients, I am going to start using Adaptive Policy as the primary mechanism for policy enforcement. Then, outbound firewall rules, and lastly, group policy attached to a VLAN for simple cases (like a guest network, an IoT network, etc.). ... View more

Re: Is there any way to update my email address here?

by Kind of a big deal in Community Tips & Tricks
10 hours ago
10 hours ago
Do you work for a Cisco partner by chance? https://www.cisco.com/c/en/us/about/help/login-account-help.html#~change-password   ... View more

Re: ap won't book becuase of console

by Kind of a big deal in Wireless
10 hours ago
10 hours ago
What does the switch say if you ask it to test the cable? https://documentation.meraki.com/MS/Monitoring_and_Reporting/Using_the_Cable_Test_Live_tool   ... View more

Re: New to Meraki with an Advanced Mixed Environment Challenge

by Kind of a big deal in New Meraki Users
10 hours ago
3 Kudos
10 hours ago
3 Kudos
That sounds reasonable. Create a VLAN on the MX and plug the Unify's WAN into that for its Internet. https://documentation.meraki.com/MX/Networks_and_Routing/Configuring_VLANs_on_the_MX_Security_Appliance   ... View more

Re: MX 95 WAN 1 MA-SFP-1GB-LX10

by Kind of a big deal in Security & SD-WAN
yesterday
2 Kudos
yesterday
2 Kudos
I would try a firmware update if on 18.211.5.2 (in desperation).  19.1.8 is the current stable release candidate. ... View more

Re: EAPOL: Invalid message integrity code (MIC)

by Kind of a big deal in Wireless
yesterday
yesterday
Try upgrading the WiFi drivers on the devices having the issue.  It is often a buggy driver issue. ... View more

Re: Meraki Cloud Authentication - WPA3 Enterprise

by Kind of a big deal in Wireless
yesterday
1 Kudo
yesterday
1 Kudo
Note that WPA3 has poor device compatibility at the moment. It is difficult to roll out in production without breaking some devices. The approach mostly being used at the moment is to create a new WPA3 SSID and only move those devices across that work reliably.   I could see it being another couple of years before WPA3 can be generally rolled out.   On top of this, you also need Meraki to add WPA3 support for Meraki Cloud authentication for you. ... View more

Re: Juniper Campus Fabric WAN Meraki MX Integration

by Kind of a big deal in Security & SD-WAN
yesterday
yesterday
https://documentation.meraki.com/MX/Networks_and_Routing/Configuring_VLANs_on_the_MX_Security_Appliance   ... View more

Re: Switch firmware upgraded in network without admin

by Kind of a big deal in Switching
yesterday
6 Kudos
yesterday
6 Kudos
If you don't keep the firmware up to date on your switches by scheduling them yourself, Meraki will automatically schedule it. Admins will get an email warning them about this happening.   https://documentation.meraki.com/General_Administration/Firmware_Upgrades/Managing_Firmware_Upgrades   ... View more

Re: Several times a day - 'Disabled Gateway' for 15-45 seconds

by Kind of a big deal in Security & SD-WAN
yesterday
yesterday
This is not a common issue for an MX.  Is the MX running a current stable or better firmware?   You could try opening a support case and see if Meraki can see anything going wrong in the backend.   You could try replacing the patch cord connecting the MX to Verizon (clutching at straws here).   Is there any chance the ONT could have experienced a power failure? ... View more

Re: Load Balancing on MX84 with different ISPs

by Kind of a big deal in Security & SD-WAN
yesterday
6 Kudos
yesterday
6 Kudos
You need to change this from an Access port to a Trunk port.     ... View more

Re: Load Balancing on MX84 with different ISPs

by Kind of a big deal in Security & SD-WAN
yesterday
2 Kudos
yesterday
2 Kudos
The individual ports that the APs connect to need to be trunk ports, to allow VLAN30.  You can make the native VLAN10 if you like. ... View more

Re: Best practice for the IPSec VPN health check host?

by Kind of a big deal in Security & SD-WAN
yesterday
yesterday
I didn't know this feature existed.  Cool! ... View more

Re: MX 95 WAN 1 MA-SFP-1GB-LX10

by Kind of a big deal in Security & SD-WAN
yesterday
yesterday
The SFP can only be selected after a reboot (when used in a WAN port). So, if you haven't done that yet, power cycle it.   >manually select SFP and Manual 1gbps full   I would not do this.  An SFP should not need this configuration.   Otherwise, I bet this is a firmware issue.  Have you tried a firmware update? ... View more

Re: L7 rules for inbound traffic

by Kind of a big deal in Security & SD-WAN
Tuesday
2 Kudos
Tuesday
2 Kudos
Geographic L7 rules apply both inbound and outbound. ... View more

Re: Why no option for traffic and firewall shaping on Meraki wifi

by Kind of a big deal in Security & SD-WAN
Tuesday
Tuesday
Are you a full admin or a network admin in the networks where you can't see those options? ... View more

Re: MX series vs Z series devices

by Kind of a big deal in Security & SD-WAN
Monday
Monday
The MX65 is going EOS.   So there is nothing in between. ... View more

Re: MR57 WiFi clients on bridged SSID can't access local LAN

by Kind of a big deal in Wireless
Monday
Monday
Is client isolation enabled? https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/Wireless_Client_Isolation   ... View more

Re: Using MR86 with Verizon router - internet only access

by Kind of a big deal in Wireless
Monday
1 Kudo
Monday
1 Kudo
It doesn't matter whether you use Meraki DHCP mode or not.  Clients wont be able to talk to anything on the local LAN. ... View more

Re: Using MR86 with Verizon router - internet only access

by Kind of a big deal in Wireless
Monday
5 Kudos
Monday
5 Kudos
Use the "Deny Local LAN" option. https://documentation.meraki.com/MR/Firewall_and_Traffic_Shaping/'Deny_Local_LAN'_settings_in_Cisco_Meraki_MR_firewall   ... View more
My Accepted Solutions
View all
© 2025 Cisco Systems, Inc.