Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
About yaypingworks
yaypingworks
Here to help
Member since Oct 12, 2023
Friday
Community Record
18
Posts
7
Kudos
0
Solutions
Badges
Friday
Does band steering move 2.4ghz clients to 5ghz even if the signal strength of the 2.4ghz is better? If thats the case, why would I ever want to use this feature?
... View more
a week ago
Do you have layer 7 firewall rules defined on those SSIDs? If so, have you tested an SSID without those firewall rules? wireless > firewall & traffic shaping
... View more
a month ago
5 Kudos
This was it, we found that we were publishing the record for some reason. Thanks for the pointer!
... View more
a month ago
That shouldn't be the case as I tested on a fresh device yet still able to get to intranet.
... View more
a month ago
I have VLAN 2, with ACLs that first permit traffic to our intranet IP, then deny the rest of the LAN. VLAN 2's DHCP server is set to Google. I wasn't expecting this to work, but I am able to go to the intranet website via its FQDN, but how would that even be resolved? I flushed DNS records, did an nslookup and its saying 8.8.8.8 is giving the response. Ultimately, we want VLAN 2 to be able to access the intranet but i would like to know how this is working currently... I was expecting to have to change VLAN 2 to use our local DNS server in order to resolve the intranet FQDN. Edit: I cant resolve any other LAN devices, just the intranet
... View more
Dec 9 2024
11:43 AM
Input those addresses in firefox and it will bring you to your concentrator local page. We recently ran into the same deal. Meraki shenanigans
... View more
Dec 9 2024
11:39 AM
I need to do that as well for one site, but I was planning on just assigning a bogus IP address basically disabling it
... View more
Nov 15 2024
1:09 PM
We have an MX105 concentrator for our sites, we were doing nessus scans and were getting results for RFC 1918 addresses that dont exist in any of our subnets (nor were they found on client list)... Looking at the nessus trace route for one of these bogus addresses, we would see the final hop would be a public IP address... we had no idea what it was, but after doing a port scan i found out it was a meraki device. I entered the public IP into my web browser and it went to the local status page of our concentrator. (only accessible internally and not externally) That IP has no meaning to our organization. If anyone can provide insight as to why our concentrator is using this public IP address that would be appreciated.
... View more
Oct 29 2024
4:56 PM
I have an MX84. WAN 1 has IPv4 and IPv6 both are active. WAN 2 is IPv4 only (cellular backup). We were having intermittent packet loss on WAN 1 which would cause WAN 2 to take and give up the active roll over and over. So I changed WAN 2 to be the primary uplink, and it said active. Yet looking at the traffic monitor, no traffic was traversing WAN 2 even though it was set as primary, traffic was still using WAN 1. This led to cellular WAN 2 being completely useless. IPv6 on WAN 1 would still show as active, even if the connection would drop a few times. Do I need to change the failover from graceful to immediate or do I need to change the IPv6 address to something bogus? (So that if WAN 1 IPv4 fails maybe then it would finally use WAN 2?) Thanks
... View more
Oct 28 2024
8:13 AM
We tried setting up certificate based authentication a while back, it did not work with MS switches, Meraki support said they dont support it, only mac based or domain creds based authentication... however machine based certs do work on MR wireless... so i don't really understand what the difference is... take what i say with a grain of salt but thats what ive been told in the past.
... View more
Oct 24 2024
1:17 PM
If you can't connect by plugging in a computer into an access port set to the guest VLAN, check that all trunk ports are allowing the guest VLAN (ap trunk port, switch trunks, router port)
... View more
Oct 22 2024
4:03 PM
See if your APs support identity PSK, this way you can have 1 SSID and 3 different passwords that place you into separate VLANs. You will use meraki group policies for assigning VLANs and limiting access
... View more
Oct 22 2024
3:55 PM
1 Kudo
For BYOD, I recommend 802.1X where your employees will connect to Wi-Fi and enter their work credentials. You can have radius assign them into a VLAN that can't access internal resources, and once the employee leaves the organization they won't be able to use their login anymore
... View more
Oct 22 2024
3:42 PM
1 Kudo
Once I had an issue with iPSK SSID where only some devices could connect, some could not. Only affecting one location. The solution ended up being to disable the SSID and to rebuild it using one of the spare 'Unconfigured SSID #'. Head scratcher but maybe its a bug in Meraki and worth trying this
... View more
Oct 22 2024
2:40 PM
Hello, we have an MS220-24P, I see end of support was listed for July 2024. What exactly does that mean? Can the device still be used on the dashboard? What exactly am I losing? I just want to clarify, thanks
... View more
Aug 19 2024
2:46 PM
We use iPSK with group policies assigned to specific VLANs for our various wireless devices. Today I saw that at two locations devices that were supposed to be a part of VLAN 200 were actually assigned to VLAN 300, even though they still had the IP for VLAN 200 subnet (using DHCP) ... VLAN 300 is the native vlan trunk port that the APs connect to, why it put devices in that VLAN i dont know. Trying to connect to the SSID on a new device would fail saying 'cant connect to this network' I had to end up rebuilding the SSID and then things started working and getting the correct VLAN assignment. Its like that specific SSID setup just broke. Has anyone experienced this issue?
... View more
Aug 9 2024
4:52 PM
Our locations use Z3s, which are auto-vpn'd to an exit hub MX105 in our data center. I see online that a Z3 is capable of "Firewall Throughput - 100 Mbps, VPN Throughput - 50 Mbps". We are looking to get a new internet circuit installed for a Z3 location but I am confused, with our current set up, wouldn't it be futile to get circuit speeds over 50mbs since thats what the VPN is limiting ALL TRAFFIC to? Whats the point of 100 Mbs firewall throughput if we are running the auto vpn which then brings it to 50? And thats the whole selling point of meraki IMO is the auto vpn... Thanks!
... View more
My Top Kudoed Posts
© 2025 Cisco Systems, Inc.
