Site-to-site VPN tunnels between Meraki MX and Cisco ASA

As I wrote on my recent post here, I was involved into a project to implement a Meraki MX into the Azure Cloud. This project also includes a migration phase with site-to-site VPN tunnels between Meraki MX and Cisco ASA. Even if the “Non-Meraki VPN peers” are supported on the Meraki MX, you may have some surprises with the Cisco ASA. Here are some tips to avoid problems and save you time. The tests below have been made with MX version 14.31 (in beta at the time I write this…

Read More...

How to deploy a Cisco Meraki vMX100 into Microsoft Azure

Recently, I was involved into a project where we had to deploy a Cisco Meraki vMX100 into Microsoft Azure cloud and build site-to-site and clients VPNs. The setup process on Azure is relatively simple, however, I lost quite a lot of time on basic issues because the documentation provided by Cisco is not 100% accurate. Here are some tips and tricks to save you time.

Read More...

Extending the LAN with a Meraki wireless mesh link

Cisco Meraki access-points can operate as mesh repeaters, which allows them to extend the wireless network range. Since repeaters also support wired clients plugged into their wired interface, a repeater can be used to bridge a remote LAN segment back to the main network. This article explains how the LAN can be extended via a wireless bridge, including limitations and requirements.

Read More...

Meraki mesh networking tests

Wireless mesh networking is included and enabled by default in every Cisco Meraki AP. The goal is to create a self-healing network that is resilient to cable and switch failures. But, how does it works exactly? How does an AP choose between the existing neighbors? How can we monitor the status and performances of a mesh link? And as it is enable by default, is it possible to deactivate this feature?

Read More...

Cisco Meraki MX Static IP assignment via Dashboard

This morning, I received a notice about a Cisco Meraki MX firmware upgrade planned for a security appliance I have in my lab.   The message lists the new features: Layer 7 traffic classifications for VPN flow preferences Syslog export of AMP events Added support for using FQDNs in L3 firewall rule destination Threat Grid support for the MX60(W), MX64(W), MX65(W), MX80, MX90, MX84, and MX100 appliances Content filtering improvements Static IP assignment via Dashboard (via Appliance Status page) Device utilization reporting (via the new Summary Reports page) Performance, stability,…

Read More...