I've been a Meraki MX user since Nov '14 and I think it's a great product but it lacked a community for it's users to collaborate on the direction we want the product to go in with new features. I want this to get the attention of Meraki and hopefully they'll join us in implementing these features.

1/4/16 Update: Meraki has begun responding to various posts!

Right now this site running on the free version of UserEcho so it doesn't have some features I'd like it to have (such as tagging).

Rob Geoghan
rgeoghan {at} gmail.com


Log internet and network latency

Rob Geoghan 6 years ago updated 5 years ago 3
I recently had an issue where my Meraki MX slowed to a crawl. I was getting 200-500ms pings to anything behind the MX for 30 minutes and then it resolved itself.
It would have been helpful if I and/or support had logs on the latency between my MX and the internet as well as allowing me to setup logging of latency to other network devices.

Quick access to application policy

Rob Geoghan 6 years ago 0
I wish I could right click a high usage application (remote desktop) in my case and get options to apply a block, traffic shaping, etc.

VPN name created by System Manager

Thomas Witzel 8 months ago 0


Whenever I create a policy in Meraki system manager to send VPN settings to our Mac OS users, the VPN on the clients is named "MX84 Firewall". We also have multiple VPNs, so the names become "MX84 Firewall 1" and so on. Is there any way to generate a policy automatically that uses a custom name? 
The alternative is to configure the VPN settings manually in a System Manager policy, but that doesn't appear to allow the user information etc. to be automatically set for each client. What am I missing?

Thank you for your help,



Privacy Masking for the MV product line

Ronny Andreassen 3 years ago 0

Force Internet back on primary port when it was offline and came back

norbert_huebner 4 years ago updated by Rob Geoghan 4 years ago 1


recently I came across a missing “feature” in the MX routers. I am working in Papua New Guinea, where many technical things are very unreliable. The internet in PNG is not very stable. In one of our location we have a Panasonic IP-Phone System (TDE-600) that is using VOIP providers. We have a dedicated MX-60 for the phone system.

On the MX-60 we use two ISP. On WAN 1 (our primary) we have a low latency internet connection, on WAN 2 a VSAT internet connection (slow and high latency). The MX60 use WAN 1 as the primary internet connection and the WAN2 port only as backup. Also our Panasonic IP Phone System has two IP addresses, one that is be using for the VOIP signalling and the other one for the VOICE DSP that is handling the pure voice traffic during the conversation. Now here is the problem. As long as WAN 1 works  everything works fine. The VOIP signalling traffic and the VOICE traffic itself goes through WAN 1 and we can make and receive phone calls. When WAN1 fails the MX forces all traffic immediately going to WAN 2. That works fine. However, soon as WAN 1 comes back online the MX routes all new traffic to WAN 1, the existing traffic stays on WAN 2. This was designed in order not to interrupt existing TC/IP flow. In our case the VOIP signalling traffic stays on WAN 2 (because the phone system contacts the VOIP provider constantly). If I now try to make a phone call the new VOICE traffic (from the second IP of the phone system) is routed through WAN 1, but the signalling traffic stays on WAN2 and this caused that I can’t hear the other party. The only way to fix this problem is manually disconnect WAN 2 and then connect WAN 2 again. This force the MX to use WAN 1 again as primary port for all traffic. One of the MX technician told me that I need to request the “feature” to force the MX to route all traffic immediately  to the main WAN port when it comes back online.



Move off of SMS 2fa MFA

Rob Geoghan 4 years ago updated 4 years ago 2

SMS as a second factor is no longer suggested by the experts. Please move to the authenticator apps.


Improved summary page links

Rob Geoghan 5 years ago 0

I wish that from the summary page I could click on the top clients, blocked sites, categories, etc.


DHCP Reservations not show in DHCP leases on appliance status page

Rob Geoghan 6 years ago 0
I have several devices that have DHCP reservations setup and they've been working fine. The bug in my opinion is that they aren't listed in the DHCP leases on the appliance status page. Also renamed clients aren't showing their renamed name (couldn't think of a better way to put it) there either.
Support responded that this is not a bug so I put in a feature request.

Global VLANs

Rob Geoghan 6 years ago 0
It would be nice if you could have your servers (not specific to servers) in a specific VLAN that is routable behind any MX in your organization.  This would make failing over easier since you wouldn't need to deal with changing the private/interal IP addresses.

Ability to manually fail over a site to site VPN

Rob Geoghan 6 years ago 0
I had a unique situation where two sites from two different providers were both online but there was a routing issue between the two providers.  These two sites had two WAN connections but the site to site VPN only goes between the two primary links.  I needed to wait for TWC and Verizon to fix the issue.  I would have liked to been able to failed over just the site to site VPN.