Meraki CAN do 2.4Ghz only on wireless

If you look in your Meraki Dashboard you will see the following options for an SSID.

Your options are Dual Band, Only 5Ghz,  or Dual Band with Steering.    What no 2.4Ghz only??

Screen Shot 2015-08-21 at 9.57.40 PM

In some challenging wireless environments, specifically those where you do not have 100% coverage, and especially those with a lot of concrete, leaded glass and other RF challenges – 5Ghz can be problematic.  Some devices just love to hold on to 5Ghz connections even if the 2.4Ghz signal is better.    We do not always have control of our clients as well, especially in a guest world.

To help in these challenging environments, I have found that disabling 5Ghz outright keeps clients on 2.4Ghz and then they do not roam around as much and signal penetration is better.

There are many reasons why you might want to force users on to 2.4Ghz.

  • You want to band segregate users groups –   Voice or Corporate users on 5Ghz, and Guests on 2.4Ghz
  • You have challenges in the 5Ghz world, due to co-existence with another network, interference or environment.
  • You are integrating with an existing network and want band parity
  • You are in a region where 5Ghz can not be used

Well, there is a solution!    As with many things in the Meraki world — this CAN be enabled in your dashboard, but only Meraki support can do it.   Simply do what you do all the time,  open a case and ask for 2.4Ghz to be enabled in your dashboard.

Screen Shot 2015-08-21 at 9.56.31 PM

There it is!  2.4Ghz band Only is now an available option.  The questions is — why do I need to keep asking for really basic things by calling support.

Advertisements

Meraki goes iWAN, but retires a marketed feature.

Cisco iWAN

If you have not read up on Cisco’s iWAN architecture it is pretty cool stuff.     I will not explain the entire concept, but provide you a link to read on.

http://www.cisco.com/c/en/us/solutions/enterprise-networks/intelligent-wan/index.html

The concept is pretty simple, instead of having a WAN circuit like an MPLS, and then an Internet with a VPN backup that is inactive,  Intelligent WAN will let you use both the WAN and the VPN at the same time based on all sorts of things, link performance, latency and application routing.  It is all based on PFR and various topics which I will admit – I am not that good at, I have however looked at it, and it is VERY complicated.   After speaking with a colleague who set it up, his message was “It works well, but it was hard to setup and get working properly”

Meraki Goes iWAN!

Today Meraki announced more details about how they are adding iWAN technology to their portfolio.

Link here – https://meraki.cisco.com/iwan

They explain it pretty simple – Dual Active Path and intelligent path control.     If Meraki can bring the Meraki simplicity to something as complicated as iWAN  — All I can say is, bravo.   This is not a simple technology to setup, and Meraki has a history of making the complicated simple.    As soon as I can get my hands on this I will be testing it out, I have a few clients that will be extremely happy to hear about this.

Imagine if your Intranet, Sharepoint site, and other services could be sent over Internet VPN, and file sharing over expensive WAN links.     The savings could be significant, and now iWAN can be used by the SMB marketplace.     I know that @networkingnerd is always asking the question — is Meraki Ready for Enterprise  — if they keep doing things like this — and if the implementation is good this will be a huge step forward.

Now for the down note.

Meraki removes WAN Optimization

This is not the first time Meraki has retired a feature, some of the MR series used to support PPPoE  as an example.

To quote a recent email blasted from Meraki

After careful review, Cisco Meraki has determined that the current WAN Optimization feature in the MX Security Appliance product line does not meet the quality standard that our customers and partners deserve. As a result, the decision has been made to retire the WAN Optimization feature. This will allow the Meraki team to focus efforts on providing the best security platform in the industry for distributed networks.

   Wait a second — Didn’t Meraki market this feature – as an example in this blog post.   What if a customer purchased this feature only to find out that

  1. They are removing it by end of 2015
  2. You are forced to implement a new feature which means possibly bringing in a partner or support person to help
  3. Between now and the end of 2015 there will be no more bug fixes

How would you feel if you were marketed this feature, and then it is removed, with no idea on how the new feature will function and if it will provide the same features or not.

    The argument could be made that if you purchased a NON Cloud product, and that feature was working just fine – you could keep it because it works for you – however in this case Meraki because of the cloud controller concept is removing a feature regardless of how the end user customers feel about it.     While I am sure if I pour through the fine print at Meraki Policies there is something that says “Yeah we can just remove features you paid for”

     This is the kind of stuff that makes people nervous about “Cloud” controlled products.    We will see how this ends up.

Getting Squiddy With it with Meraki MX

Everyone here who has used web caches, or Squid proxy knows that sometimes — it just doesn’t go as planned.

Meraki MX devices have an option for this…   Security Appliance,  Traffic Shaping

webcache

Enabling this turns on the Squid Proxy.  So if you have sites with issues — you would turn this off too during troubleshooting — as I did.

Well here is the problem —- there are three ways to enable Squid that you don’t know about

1) Enabling HTTP Content Caching in the Traffic shaping

webcache

2) Enabling “Full List” for the URL Category Size in Content filtering

3) Enabling Web Search Filtering

4) Enabling Youtube for Schools

fulllist

Unless these options are set as above — SQUID PROXY IS ON.   I have caught Squid malforming HTTP requests in the past, and had it happen recently with a proxied session that didn’t like being proxied (yes say that 5 times fast)  bottom line, until I set as above – Squid was on and there is no real way to know.

So when in doubt – lose the calamari and test your surfing.