Thoughts on Cybersecurity, WiFi and some other stuff
Part 1 of my “Roaming with WPA3-SAE” blog showed the roaming process in a centralized environment without any Fast Roaming mechanisms enabled. In this second part I’ll look into the roaming process with “Fast BSS Transition (802.11r)” enabled in a centralized environment. TLDR: From the moment the client and the
How does roaming with WPA3-SAE (WPA3-Personal) work? We have the SAE exchange that is done at the beginning of our wireless session to compute the PMK. But do we need this extra exchange when roaming, or is there some kind of a “shortcut”? When starting this blog-post I thought that
Part 4 of my hope to eventually get IPv6 from O2/Telefonica. From time to time I asked O2 when they will support IPv6 on my Business-DSL line. These were their previous answers: 2013: You don’t need IPv6 because we have “complete translation” 2014: IPv6 will be introduced at a later
In general, the Cisco ISE and Meraki devices play nicely together. But when doing 802.1X Authentication, the ISE hides some information and by enabling these, the Logs have a more relevant output. Let’s start: Vendor Specific Attributes Meraki Devices send four Vendor Specific Attributes (VSA) in the RADIUS requests: To
Last year I partnered with a new IT-consulting company to support them with their Cisco projects. And when they asked if I also want to go for Juniper Mist, I directly agreed. Every opportunity to do more wireless work is highly welcomed. Part of this was the qualification to the
Connecting the Meraki MX to an internal switched network? Sounds easy and if the network is build without any redundancy, it is very easy indeed: It can get a little bit problematic if redundancy is added. If you come from the Cisco ASA, you have tools like routed interfaces Port-Channel
Recently I had to implement Central Web Authentication (CWA) on a network that uses the Cisco Embedded Wireless Controller (EWC) on Catalyst 9100 APs. Configuration is not that hard, but there is some misleading information in the documentation. Although this blog post is about EWC, it is nearly the same
The support for AnyConnect VPNs is probably one of the most wanted features for Meraki customers. It was first announced at Cisco Live 2015 (at least that is where I first heard of it) and after no more than six years the first public beta (v16.4) is available. Lets look
The Problem: When looking at the configuration of a Meraki SSID (this is software version 27.5.1), there is no obvious way to configure MAC-based access-control and PSK simultaneously as it is possible with the traditional Cisco WLAN: We can configure either PSK or MAC-based access control, but the later without
For quite some time Cisco/Meraki was talking about a new Certification focusing on Meraki Technology. Two days ago Meraki announced the availability of this exam: Announcing the Cisco Meraki Solutions Specialist Certification The Cisco certification area has more details, most important the exam blueprint: Cisco Meraki Solutions Specialist When going