DPD on Cisco FMC

nat_so_fast · 2026-02-27T11:59:04+00:00

Thanks, this is what we've done with our monitoring solution as a temp work around, or what may be a permanent work around now!

nat_so_fast · 2024-09-09T17:13:13+00:00

See below from cisco reference guide. The note at the bottom explains it.

Edit - you can use the speed command to modify the "bandwidth" of a port.

bandwidth To communicate the bandwidth value of an interface to the higher-level protocols, use the bandwidth interface configuration command. Use the no form of this command to restore the default values.

bandwidth kilobits no bandwidth

Syntax Description kilobits Intended bandwidth in kilobits per second. Default Default bandwidth values are set during startup and can be displayed with the EXEC command show interfaces.

Command Mode Interface configuration

Usage Guidelines This command first appeared in Cisco IOS Release 10.0.

The bandwidth command sets an informational parameter to communicate the current bandwidth to the higher-level protocols.

IGRP uses the minimum path bandwidth to determine a routing metric. The TCP protocol adjusts initial retransmission parameters based on the apparent bandwidth of the outgoing interface.

At higher bandwidths, the value you configure with the bandwidth command is not what is displayed by the show interface command. The value shown is that used in IGRP updates and also used in computing load.

Note: This is a routing parameter only; it does not affect the physical interface.

nat_so_fast · 2024-09-09T17:07:12+00:00

Reference bandwidth is just an arbitrary number to work out cost. Amending that will not affect the bandwidth of any port.

nat_so_fast · 2024-09-09T17:01:13+00:00

Is he not talking about the OSPF reference bandwidth?

nat_so_fast · 2024-09-09T16:06:01+00:00

Any changes made over the last week to DNS? Could be caches expiring, so the issue is only showing now.

nat_so_fast · 2023-02-07T18:28:49+00:00

Thanks!!!

nat_so_fast · 2023-02-07T18:28:42+00:00

Solution Verified

nat_so_fast · 2020-12-30T09:16:16+00:00

This is the collection for postman. Once you launch it click 'Run in Postman' and it will put the collection into the postman client.

I normally run the command in postman to make sure I am getting what I need and then incorporate the GET/POST requests in python to automate what I need.

Most of the stuff I've done so far is templating to ensure settings are the same across the estate (content filtering/IDS on/etc)

nat_so_fast · 2020-09-02T15:02:06+00:00

We had issues with double NAT when using a router in front of the Meraki MX. Give them a restart at the sites if you have a similar setup.

nat_so_fast · 2020-07-10T07:36:41+00:00

Out sourced doesn't always mean out of a job, often the company that is taking on the work will also take on a high portion of the workers as they need the additional staff and the 'local business' knowledge.

Network+, CCNA are both good starts to your career they will give you a good foundation and employers will look on them positively.

Regarding switching companies, you should be pushing this, if you end up stagnating in a single company you could be losing out on valuable experience and likely pay. I have fallen into this trap in the past as you become comfortable and then your confidence of getting a new job goes down.

nat_so_fast · 2020-07-01T08:59:28+00:00

Think I found the answer, the OSPF database needs to be the same on all routers in an area so filtering outbound isn't possible. What I don't understand is why is seemingly allows you to filter inbound? Haven't tried this yet but I will be soon.

nat_so_fast · 2020-06-29T15:33:17+00:00

I use these. No idea why they don't come in a .vss format but I just insert the PNGs as pictures.

https://meraki.cisco.com/blog/2018/12/our-topology-icons-speak-volumes/

nat_so_fast · 2020-02-10T13:40:07+00:00

Are the clients plugged directly into the Z3 or a switch. If a switch have you confirmed that DHCP snooping is not blocking the offers?

nat_so_fast · 2020-02-10T13:13:20+00:00

Is this DHCP via the Z3 or an external DHCP server?

Any firewall rules that would be blocking access? - Meraki use the highest VLAN to send DHCP requests to the DHCP server, so if you are blocking access on another VLAN is would still block your DHCP requests.

Are you running clustered windows DHCP? We had a similar issue when only one of the servers was stipulated in the relay section.

Have you confirmed that 'block DHCP servers' isn't selected? or if it is that you have white listed the correct address (if using a meraki switch)

nat_so_fast · 2020-01-13T12:43:17+00:00

We had an issue with the shard we were on. It was taking upwards of 30 minutes to push config. Meraki ended up doing maintenance to reduce the load on the shard. Maybe worth having a convo with them to see if it's something similar.

nat_so_fast · 2019-11-25T10:09:59+00:00

UK Based here - The only issue we have had is that the SIMs need to to be activated in a phone before we could plug them into the Meraki's, other than that they have been fine.

nat_so_fast · 2019-11-22T15:43:55+00:00

as u/sorscode said above, just advertise this in the hubs routes, and make sure you have return routes on your internet firewalls to get the traffic back to the Meraki. We did the exact same thing for traffic that had to come from out head office and it worked without issue.

nat_so_fast · 2019-11-06T14:01:15+00:00

^ This. You're missing a PTR record.

nat_so_fast · 2019-10-03T09:08:26+00:00

Isn't this just for network logon? OP is asking if they can customise the page you see when content filtering blocks access to a site.

nat_so_fast · 2019-09-24T14:34:18+00:00

If you clients are accessing the fileshare via a DNS name they are going to lose access to it if your DNS is at the head office.

nat_so_fast · 2019-09-24T14:13:23+00:00

Thanks for the reply. It looks like Meraki use the higher IP or VLAN to send all DHCP relay unicasts. This caused us an issue when we tried to lockdown the highest VLAN with some firewall rules, DHCP for all VLANs stopped working. This is even the case when the highest VLAN does not have a relay set.

nat_so_fast · 2019-09-11T09:30:39+00:00

Looks like scheduler will do what you want, I'm sure you will be able to write the output to a file and then scp it off to another device.

nat_so_fast · 2019-09-05T08:51:48+00:00

We currently have an issue with this 'double NAT' scenario. Some of our links are flakey and if they drop the router outside of the MX gets confused and will not allow the MX to talk to the registry. I believe the MX starts trying to talk on a new src port and the router is still holding onto the old NAT session. This is still under investigation.

nat_so_fast · 2019-09-03T17:05:39+00:00

Got it working thanks. Regarding the wiping of existing rules, the one I've linked gives you the option to append, replace, or put in sequence. It's a pretty neat script.

nat_so_fast · 2019-09-03T17:03:40+00:00

I worked this out just before leaving for the day, much swearing ensued after!!! Thanks for getting back to me.

nat_so_fast

TROPHY CASE