Archive for the ‘wireless’ Category

Meraki blocking File and Print on LAN

April 16, 2018

Trying to restrict a PC using group policy within Meraki.

I add the MAC addresses of wifi and Ethernet NIC’s and then proceed to restrict as much as I can through the reduced license that Meraki sell (not the bells and whistles version) and so I add everything I can think of that I would like to restrict…

Screen Shot 2018-04-16 at 4.45.18 PM

Which is all good… except when I try to get to the local file server.

Long story short, the “File Sharing” rule will kill any UNC or print connection!

Take out that rule and you’re good to get to the local shares and print to the local printer. The thing that got me was that I could ping the servers and printers – even setting up the printer too!

Anyway, in this case, delete rule #11 and you’re golden.

Advertisements

Setup a guest network with WAP371

September 10, 2015

OK this is going to be a bit of a long one. When I looked around the internet for a guide there was $#@& all so here is how you do it;

  • First you need VLANs. This might be obvious to some but not for all.
  • The default VLAN guest on Cisco stuff is 25, so you may as well just stay with that.
  • First off you need to setup a VLAN on the WAP371.
    • Click on Wireless.
    • Click on Networks.
    • Either choose a Radio for your guest network or setup a new SSID on both/one.
      • For that just click the Add button and name the guest network.
      • Strangely you will then need to tag the network and choose edit. Why it doesn’t go straight into an edit mode I don’t know…
      • Change VLAN from 1 (default) to 25. Give it a name… like Guest, choose your security, blah blah.
      • Click Save
    • So that’s it for your WAP371… now on to your switch/router.
  • I used an SG 200-08P
    • Login to that puppy – default username password is cisco/cisco in case you hadn’t worked that out by now.
    • Click on VLAN Management.
    • It should bring you to a page where there is only 1 VLAN – namely VLAN1 aka Default.
    • Click the Add button.
    • It will popup (turn off your popup blocker if you have one) a page. VLAN ID wants to be…. you guessed it….25.
    • VLAN Name can be anything but let’s stick with Guest for sake of consistency.
    • Now here’s a part that often trips people up. You need to click on Port VLAN Membership.
    • So we want the port that the WAP is connected to but ALSO the router.
      • Say we have the WAP connected to port 2 and the router connected to port 1.
      • Tag the g1 port.
      • Click Edit.
      • Yet another popup.
      • Click on the available 25 but also don’t forget to check the Membership box below.
      • Then you can click on the arrow to add it to the membership.
      • Click Apply.
      • Once it brings you back to the page of ports you should see Membership on port1 now reads 1U and 25T. (the U means untagged and the T means Tagged)
      • Do the same for the g2 port.
    • So that’s that then for the switch. The final part is the router!
  • My router is the RV325. A pretty widely used router for small businesses and one that ticks all the boxes for reliability and function. So far I have no complaints.
    • Again, login to the device.
    • Go to Port Management.
    • Click on VLAN Membership.
    • Now it should have 25 on there already but what you need to do is click Enable right at the top.
    • Click Save.
  • That should be it!