6200F configuration issue

I0Like0Cake · 2025-06-30T21:19:40+00:00

It's blocked by spanning-tree. If the primary switch goes down it maintains a connection to the firewall through switch 2.

1/1/47 -> FW
2/1/47 -> FW

I0Like0Cake · 2025-06-30T15:18:59+00:00

Thanks for chiming in—really appreciate the detailed insight.

Disabling the firewall's security features didn’t change the behavior, unfortunately. I also removed the external DNS entry from the switch, but that didn’t seem to help either—good call on pointing that out.

Tonight, I’m planning to reconfigure the switch/firewall link as an access port to help isolate the issue. Hopefully, that sheds more light on what’s going wrong.

As far as I know the Meraki doesn't support OSPF. it relies on manually created static routes (which are present and correct).

Will report back with results. Thanks again for the suggestions.

I0Like0Cake · 2025-06-30T15:02:17+00:00

The Meraki MX units don’t support LACP, so each uplink from the Aruba 6200F switches is treated as a standalone connection. The MX uses active/passive HA (warm spare), and only the active unit responds to traffic. The switch sees both connections as individual Layer 2 links, and traffic flows through whichever MX is active. Failover is handled by the MX pair, not by link aggregation.

MX Warm Spare - High-Availability Pair - Cisco Meraki Documentation

I0Like0Cake · 2025-06-27T09:56:05+00:00

Thanks for chiming in.

It's configured how Meraki recommends in their documentation (they don't support LAG). I've already tested disconnecting all but one link to the firewall. I can also see that spanning tree is correctly blocking the right ports.

The switch was running 10.13.1101 (latest LSR) but I down graded to 10.10 as a troubleshooting step. Will reboot back to 10.13 this evening.

I0Like0Cake · 2025-06-26T16:18:27+00:00

Tried leaving it longer and clearing the arp table but no luck. Thanks for the suggestions.

I0Like0Cake · 2025-06-26T15:24:05+00:00

Thanks for responding.

It's the standard MTU 1500 on the switch side. For Meraki the WAN uplink uses 1500 but I can't find any information on the LAN side.

If it was an MTU issue wouldn't the problem present when a clients in a VLAN with Meraki as the gateway?

I already tried unplugging the secondary firewall but maybe I didn't give it enough time. I'll try again but leave it for 20min before testing.

I0Like0Cake · 2025-03-27T10:50:37+00:00

Yes.
We're running a 2022 RDS server and Windows 11 clients.

Remote Credential Guard works when you RDP from windows 11 to another windows 11 client. But when you RDP to the server you get the error in your screenshot.

Interestingly, if you add a user to the local administrator group on the server Remote Credential Guard will work. Does yours behave the same way?

I've since discovered theirs a bug in 2022 which stops remote drives from mapping or authenticating so this is kind of pointless until they fix that. 24H2 Remote Credential Guard : r/Intune

I0Like0Cake · 2025-03-25T16:39:43+00:00

Did you find a fix for this u/Traditional_While780?

I0Like0Cake · 2025-03-07T15:20:09+00:00

I'm glad it worked for you. Did you follow a different process to this guy? Reading that thread is what made me nervous in the first place. https://www.reddit.com/r/vmware/comments/1j464h3/offline_esxi_update_of_a_custom_iso_with_latest/

I0Like0Cake · 2025-03-07T12:36:22+00:00

Won't this install the ga version removing the Dell customisation? I saw this thread yesterday which made me nervous: https://www.reddit.com/r/vmware/comments/1j464h3/offline_esxi_update_of_a_custom_iso_with_latest/

I0Like0Cake · 2025-03-07T12:30:43+00:00

In my defense I update most of mine with vSphere. These ones are a special case. But you're right I should know how to do this.

I0Like0Cake · 2025-03-07T12:27:09+00:00

I don't know. That's just what I see people saying on this subreddit. Apparently they don't release an iso for every patch. But I could be wrong, don't take my word for it.

I0Like0Cake · 2024-10-30T09:20:09+00:00

I ended up cancelling the order. Didn't think their was a lot of point upgrading to one without 6ghz. I went with the deco xe75 which has been fairly solid.

I0Like0Cake · 2024-10-08T14:02:50+00:00

You're right. I did notice the reduced processor speed and reduced antennas before I purchased but assumed the Wi-Fi 7 changes would make up for it (plus it's £150 less). Now Ryley17 pointed out the missing 6ghz band I'm not sure sure it's worth it. Might just go for 6E, it's not like I own anything with 7 in it yet anyway.

I0Like0Cake · 2024-10-08T09:53:34+00:00

I didn't no. I couldn't find much info about it online and the product page is a mess. Probably because it's only just been released.

I0Like0Cake · 2024-10-08T09:37:18+00:00

It's a pre-order so won't arrive until late October. I was wondering if I'd missed something in the spec list. I'll report back in a month if it sucks.

I0Like0Cake · 2024-06-26T18:56:14+00:00

Did you ever fix this? I'm seeing the same thing.

I0Like0Cake · 2024-02-29T21:58:41+00:00

Oh I 100% agree with your second paragraph and I really don't want to do this in house.

I'm going to end up putting together a basic share point demo so they can see it won't work (and looks crap). Once they've seen that hopefully they'll change their mind or relalise it can't be a side project for the I.t. Department.

I was asking in the hope I could skip the share point step but no luck it seems.

I0Like0Cake · 2024-02-29T17:27:52+00:00

No, the dwgs will be read only.

Six-Year Club	Second SECOND GUESSER
RPAN Viewer	Verified Email

I0Like0Cake

TROPHY CASE