I’m at 54, how about you?

(Upate: This post has been sitting in drafts for well over a year, our network has changed.)

A couple years back, maybe more, I did this–changed a setting to 54Mbps. My office wireless network is set at 54Mbps minimum supported rate. I said heck why not do 54 and see what happens. OK, for the details of what my network is running and why. First off, we run Cisco Meraki wireless, it does exactly what I want and expect. Our network consists of simple L2/L3 designs, pretty cookie-cutter, darn near everything is Cloud based. With being Cloud based we just need WAN access. We have roughly 18 VLANs, even for a few simple things like printers, those go on a dedicated VLAN. Also, I take the approach of “if it has a network port, make it wired”. Along with isolating devices with VLANs, we also run an entire Apple environment, i.e. all iPhone, iPads and MacBooks(generally within 24 months of the latest physical device released–for the most part all latest-gen). With this approach, I don’t have to go around guessing about what wireless card driver versions are installed, did Windows 7/10 overwrite a newer driver etc… (yes, I did mention Windows 7, we have some legal software that is great at the legal process-but sucks otherwise-and it works well on Windows 7).

Now for our physical Access Point placement, I did not have access to Ekahau or any predictive mapping software when our office was planned. But, I did know the walking patterns and how our lawyers operate(I call this part TACO(I’ll blog about that later) or Chapter 2 in the Certitrek CWDP-302 book). They generally *do not roam*. What?? What do you mean?

Let me explain a little on that. First off, people enter the first floor, access the elevator for the second floor(our office is the entire second floor of a three story building). I have an access point roughly 10 feet from the elevator, that is pretty much meant to get the device connected. Hardly any usage on that AP is done, maybe a quick email or two if the elevator is slow that day. That AP is also on the opposite side of the building that the most used offices are. Also, I know that the mobile devices are usually tossed in a pocket or backpack during this time. Sometimes, those devices are not even touched until sitting on the desk in the person’s office. And, in that case they will connect to the AP that is right outside their office.

Knowing how the devices are used, I placed the Access Points in relation to the office usage walking patterns. huh? I knew how people will walk around in the office, how they will be using a mobile device and what would be used on that mobile device. Lucky for me, I know that our mobiles devices are used for consumption. Lots of PDFs(mostly looking at one or two that are 100’s of pages), along with some Words Docs, hardly any VoIP and/or video used in a “walking around” sense. Very little Facetime/Video, however lots of cell calling(but that’s not my problem).

Now that you have a little background of our network. You can see why I’m forcing a minimum supported rate(see pages 300-301 of Sybex CWNA-106 book, also page 218 for OFDM) of 54Mbps. And, I also know that all of our devices are 802.11ac.

Now comes the roaming part, which we really do not do. Since we run at 54, and know that the our devices will be very close, roughly 20-23 feet lines-of-sight propagation to the Access Point(if not closer). They *should* not have too much of an issue with decoding the higher modulation rate(see pages 640-643 Sybex CWNA-106).

Now, this is not a perfect theory of why this works for us, our office is all concrete floors and ceilings. with lots of lines-of-sight propagation to other Access Points.

However, I’m pretty sure we have a Near/Far issue due to our AP layout, think of it as as big “L” shape, with lots of metal and concrete walls, sitting in the “arm” of the “L”.

Or……are we just hitting the point of demodulation issues on that far away AP, since we’re at 54?

Cisco Live 2019 – back in San Diego

Hey folks, Cisco Live 2019 is a few days away and back in San Diego, California. Time to enjoy the wonderful weather and good times all around. Other than walking 10+ miles a day, I’m really interesting in hearing more about OpenRoaming and the 9800 Catalyst Wireless products. More information about “what is OpenRoaming” can be found here. I have a theory that with OpenRoaming and Apple’s new sign-on method, which seems to live at “appleid.com”. Things could be interesting, now this is just a theory, but it would be super cool if Apple made a better sign-on process for public wireless. You know, sorta like HotSpot 2.0 but without the Cell Carriers. Anyways, that’s just me dreaming and hoping to see something come out of it. Anyways, If you have never been to Cisco Live and this might be your first time, wear good walking shoes and drink lots of water. Have Fun.

A Steamy Cisco Live….and fun

Cisco Live 2018 in Orlando, Florida just finished up …. and once again .. I went to one session. HA. This time was my fourth year, which allowed me to become a NetVet, aka the Red Lanyard. Being a NetVet allows you access to a lounge area with drinks, snacks and quick access to lunch. This lounge area also has a good amount of chairs and tables to relax at. Also, they had some retro arcade games setup to fool around with. Good times.

So why only one session? I typically schedule a few sessions, mostly on Wireless topics. Sometimes I manage to join in, sometimes I do not. Let me explain why.

I find the “networking” aspect of Cisco Live more fun than anything. Just the random encounters and walking up to people that I know or recognize, or sometimes don’t even know at all, and just saying “Hi”, is the best part. The little stories you hear and people talking about what they do and why they do it. That’s the best part.

I find the randomness of chatting with people more of a value than sitting in a session(plus most of the sessions are recorded anyways). Now, sometimes sitting for an hour long sessions is great, because, Cisco Live is huge, the first day alone you will walk at least 10 or more miles.

Another part of the community I find fun is the Cisco Champion group. Being part of this group allows access to some private activities and sessions. This is a yearly “application” that you do and if you’re in, it truly is worth it.

Also, last but not least is Cisco DevNet/Create. The DevNet group of people are truly a fun time to hang around with. They have little sessions, usually around 10-20 people on different topics, from IoT automation, to face tracking with cameras. Lots of cool stuff going on there.

If you are new to Cisco Live, I will leave you with these important rules: wear good walking shoes and drink lots of water.

See you again next year!

“I am responsible for this case, I am here to help”

Cisco Meraki should do more “enterprise” testing, or maybe just testing in general.  Let me explain why I said this.  Over the last five years I have opened on average 20 cases a year. Some regarding cosmetic issues, some regarding small “issues”. Some cases last over a year, because somehow I’m the only person in the world who can recreate the issue? But nothing causing actual downtime that could not quickly be addressed in another manner.

That is, until the MC product line, this is the Meraki Phone.

From time to time I randomly visit the Meraki Dashboard, mostly to disable the “auto-upgrade” that pushes “Stable Release Candidate” line of code to my devices. I really do like the option of auto-upgrading, but why are you pushing a “release candidate” to my production network? More on that later, but lets get back to the phone issue.

For the most part over the last year and a half(actually when the phone was first available I bought one) the Meraki Phone has done “okay”. I wouldn’t call it the best featured phone from Cisco especially for the price, however it does look nice.

Now during my dashboard visit, I randomly browse around looking for new things that are turned on, or how they have made things more visible.  Cool.

This time I look at my Phone Directory(this lists users that should be assigned to a phone). I notice that my User is not assigned a phone, hmm, odd.  Now lets do a Delorean mode and go back to maybe December(?). This is when I noticed a new option under Directory Sync, “Azure Active Directory”. Oh nice, we use that(Office 365 E5 + AAD-P2).  Cool, so I set this up.

months .. pass … no …. issues ….. UNTIL ……

Like I said, I noticed my user does not have a phone assigned. So I look at the Phone list(this shows the physical phones in your network). I select my phone and I see it doesn’t show an assigned user. OK, I select the correct user click Save, done. Cool.

Oh … wait .. what happened to the assigned public phone numbers that I did have? Those numbers are shown right below the assigned user section.

They’re gone.

Hmm, so I remove the assigned user thinking they would come back. Nope. The option to assign phone numbers does not exist anymore. Odd.

OK, so lets assign the user again, that works–the user is assigned to the phone. Oh, I see an option to assign phone numbers, cool, NOPE, none of my phone numbers are available. Odd. So I start looking around, I go into the Phone Numbers(this shows public phone numbers assigned to your account). I see my phone numbers are still listed in the system. Cool.

So I look around and to see if they have somehow been assigned to another phone, nope. Hmm. Odd.

Now the first thing you might be thinking is wait, what about the AD/LDAP mappings  that would need to be done. You know from the golden age of  CUCM LDAP User search base mapping. Nahhh, no options for that.

So where are we at with this?

A support case with Meraki was opened instantly, as you see, or actually should be hearing a phone ring along with being able to make calls(yeah a little bad humor). My phone does not show as being assigned a phone number.  Nor, can I assign my numbers to another phone. When you do call any of the numbers that I did have, they instantly are greeted with my voicemail message.

So here I sit, at the hands of poor QA done by Cisco Meraki.

The next day comes, I let time pass and call Support around noon(my local time). I have an issue of 100% downtime with my phone, Support tells me nothing can be done, nor can they do anything other than tell me what “engineering has told them to do”. I can’t talk to any person on the MC product line, i.e. a Product Manager.  The only people I can talk to regarding this are Support. And, even that was painful.

I had to ask three times to speak to a Support Manger, why did I have to ask three times?  I asked for a way to contact the Support Manger directly that I did talk with, I was told to just call support, as a way to contact that person was not available?  I instantly had the feeling of Cisco Meraki did not care about this issue, even though I was told “we care“.  Why would a support manager not want to take responsibility for this case, why would they not want to be directly contacted regarding this issue? Why would the PM of the product line not want to know about this? Do they even know? How are updates done to let people know? Once, again this is an issue of 100% downtime.

My phone can not place or receive calls using the phone numbers that I currently pay a provider for along with the support I pay to Cisco Meraki.

I wonder if Cisco Meraki uses the “Cisco Severity and Escalation Guidelines“. Do they even have one? How do they determine importance of an issue?  I going to lean towards with “us/me” being a small setup—why bother with us, who cares?

Around, 2007 maybe 2006, not sure exactly. I called Cisco TAC. I had an issue with not being able to enable PBR on a Sup 6E.  I opened the case online(which if I remember right, would be a Sev-3—meaning hey no big deal), maybe within 10 minutes I got a call from a CCIE. He told me his name along with the following:

“I am responsible for this case, I am here to help”

Now, this was not a service interrupting issue, this was me trying to enable PBR to send traffic to an IronPort Web Security Appliance.  Actually, I didn’t mind if it worked or not as I had other methods to accomplish the same results. No big deal. However, the pure fact that someone said they are responsible for getting results to help me on this simple, little, tiny issue, is what did matter. Someone who I could call directly(or even email) that would make sure things work, is what did matter. And, of all things was done on a Saturday morning.

I wrote the above blog post around 2PM Central time, but was holding off on clicking Publish, I’m adding more detail to this as I think it needs to be mentioned. I found out who my Account Manager is from the Meraki Dashboard. I emailed that person asking them to look at a support case. After a quick exchange of how I can be contacted, I received a call(obviously on my cell phone). I don’t recall ever talking to this person. However, I did get a sense of importance to this issue and a willingness to get the “higher up” folks involved in a faster manner and the appearance of ownership to my issue. (And, I use the word “appearance” in a light manner, well you know, c’mon, sales folks). Smiley face/wink.

Shortly after I did receive a call from Support, explaining they were told the phone numbers(but not my phone extension) should be available again. Yes, other than my phone extension with my voicemail greeting and maybe some messages still attached to “something in the cloud”. I can receive and place calls now. This is the not the first time I have had to redo my voicemail greeting. But why?

This has opened lots of questions all leading to “what if” scenarios? The major one being this is a phone, what if the reason this phone was bought because it fit the need to at least try and provide access to an emergency service? And, besides emergency services, what about actual business needs, people in an office do not use cell phones, they have office phones(at least for us we do).

I know people are going to say: “Hey, it’s the cloud, don’t trust it” or “dude it’s Meraki, c’mon, you should know better”.  Also, I looked around my dashboard I didn’t see anything that said “Beta” that was inline with what I was doing. Maybe those words need to be applied all over?

A good friend mentioned to me “Heck, if you worked someplace else, you would have been fired over this”. Meaning you recommend the product, it breaks, causes business down-time, you and the product are removed. Which brings up even more “what if” questions.

Maybe another option when opening a case is being able to place more details, other than “Low, Medium, High”, which sound like settings on a barbecue grill.

Maybe things like this actually need to happen. I understand things break, things break all the time. Maybe a culture change will take place? Reminds me of that AWS re:Invent Netflix session(I can’t find the video link), a guy was talking about when people push code and it breaks, you are expected to instantly fix it. Doesn’t matter if it breaks then, or a couple days later, or even if you’re on vacation, you own it, you fix it.

Or maybe, just maybe, I’ve watched too much Mad Max and have drank the kool-aid.

“They say people don’t believe in heroes anymore. Well, damn them! You and me, Max, we’re gonna give ’em back their heroes!”

Good weather and some DevNetCreate

The 2nd Cisco DevNetCreate conference was recently held at the Computer History Museum in Mountain View.  Pretty cool place to see the history of technology we use on a daily basis.

This picture reminded me of a scene from the movie Sneakers.


Lots of sessions and really good food. They brought in local food trucks so we had a good variety of choices over the two day conference. The only down side, lots of really good sessions but not enough time(i.e. some ran at the same time as others).  Maybe somehow they could be recorded?? Overall, I would give this conference a 95%, hmmm, why not 100? Well, that reason is, just not enough time to see everything.  Not sure if adding another day would make this better.  I think the two days are perfect, however the recording of sessions would add that little 5% for sure.

Normally, I don’t stick around for keynotes at ANY conference. Usually I get distracted and wonder off.  BUT, this time I tried it out.  Being part of the Cisco Champions group added some fun to it, front row, center seating.

This one was pretty cool, Guy Kawasaki was invited to talk. He tells a great story! If you get a chance to see him at a conference, do not pass it up.


As for sessions, Cisco Meraki had several workshops/sessions talking about their API.  Lots of focus on Node-RED and how to make that “magic” of programming an easier process.

Michael Chenetz did a great job of doing an intro to using Node-RED and showing how things can connect with ease using the Meraki API.


Now, the next one is a bummer, it was about designing your own PCB along with using Upverter and Hackster.io.  I was actually really excited for this one. BUT, I quickly realized I don’t have the patience for it. The little circuits and what-not, nah, that’s not for me. Which was a good experience that I was able to see what someone had created and quickly found out I would really not like to do it. So in the end it worked out well, PCB design is not for me.


Now comes the very fun “Create” part of the conference, it was a bonfire and create your own S’mores. If you don’t know what a S’more is, well, you’re missing out … stop reading right now and make some, they go great with some beer(or wine).


Thanks to the entire DevNetCreate Team for once again, having a great conference and fun time! I hope to see you all again next year!

As you wish, Captain. This way.

Hey, I’m still around. So here’s a little update for 2018. More conferences! Yeah!!!

First on the list is DevFestKC, it’s local so easy to hit.

Then right off to the awesome WLPC, if you do anything with wi-fi, you have to go!

Also, thinking about hitting up HPE Aruba Atmopshere, always a good one, just might not have time–we’ll see.

Then Cisco DevNetCreate — If you love APIs, IoT and Developer stuff, it’s a great time!

Hoping to visit InteropITX again, loved it last year. A diverse group, awesome to see and learn new things

and.. then RSA Conference in SFO.

Many more on the list… but we’ll leave that for another blog post later on.

…seven bells and all is well

In the last 90 days, the conference trips have been going. It started off with Interop ITX, Cisco DevNetCreate, Purestorage Pure//Accelerate, Kansas City VMUG Regional Conference, and lastly Cisco Live in Vegas.

Lots of travel and long nights.  I’ll be posting a little more details of each conference in the next few days. Just wanted to drop a little note as to why this blog seems a little lacking the past few weeks. Stay tuned!!!

He Who Dares, Wins!

“He Who Dares, Wins”   I like that…. I find it interesting.  For the last few months I have a support ticket open for what is called a “cosmetic issue” or so I’m told.  And, that issue is, all of my Cisco Meraki MS220-8P switches are showing the  incorrect LED status, for any ports and even the main switch status light.

Here’s a somewhat bad photo that shows what I’m talking about:


The main status light on the far left is Amber, that should be Green.  However, if Port One is unplugged, which currently is showing Amber, the switch status light turns off. And, instead of showing Amber on the ports, it should show Green.  Hmm.

Cosmetic Issue …. Yeah … the switch itself appears to function fine, I have not noticed any issues with devices being able to pass traffic or any related performance metrics that are not meeting a goal. So Okay, then what are we winning?  Well, let me explain what I’m thinking….

Could Cisco Meraki be doing a client test or collecting information to see who actually looks at port lights? If we are moving to a complete cloud based system do we really need lights? Sure, I would think, maybe a power light, to say “hey, I have power, or I’m not doing well”.  BUT, how often do you *really* look at your switches or even look at each switch port status? From the (wireless) access point side of things, people want the status LED turned off.  Some people just do not like it.  Maybe that approach is making a road towards switches and other devices, turn all the lights off.

………… or maybe someone messed up and just hasn’t fixed it???


The ball and the three cups.

The greatest trick Meraki ever pulled was convincing the world to run Beta code.

Yeah, I changed it .. and that’s what I’m thinking now. Let me explain…

After reading this post on the Meraki blog about the new phone features—which really should have been around from day one.  I was impressed, but then that wore off really quick. I found one of the features was available right now—the easier porting of an existing phone number into the Meraki system. Nice.

But wait … where are the other two?

Well, they’re stuck in “Beta” code. ……. FUCK! Really!?!?

When it comes to things with the word Beta attached, I stay away. But why? Gmail was Beta for years.  Good point. But that’s email, not a phone call.  A phone call could be important and it could be nothing.  The important part being–the need to call emergency services. Do you want your phone to reboot, lockup, or just not work? Nah, I didn’t think so either.

Maybe Meraki could have two thoughts about code, maybe you still have your traditional “beta” code, that only runs with and on devices that you know are going to be watched and reported on for issues. Then you have almost production code, meaning we’re not sure if something exists, but this code train has passed our internal QA process, which Meraki talked about here. So after passing our check box items, we allow outside folks to run it, with them knowing that is *has* passed xyz of checks, but something could be around. Then after that is done, it becomes the “upgrade available” option in your Meraki Dashboard.

With that little warm feeling available, maybe it would be OK to run Beta code in production environments.  Maybe we’ll call this idea… the the condition of being transparent. Or we could just chase the ball under the the three cups. 🙂


The new eye in the sky? …. maybe

Of course with all new products there is that nice and new feeling you get, the taking off the wrapper of the goodies under the tree.  Well, keep that in mind, they did get the box right, Cisco Meraki makes this an “Apple” like party.  No need to have lots of paperwork that is tossed away, of course all the little screws and misc parts are in a nice little foam sponge like thing–very handy when doing an install(they do the same with the phone and access points). Here are some box pics. Uhm. Yeah.

So on to the camera,  this thing is huge, not sure I like that, I’m comparing this to an existing Axis P3344 camera.  A little bit about that, I love Axis products, not the cheapest by any means, but damn rock solid for the last 10+ years I’ve been using them. Never had any issues and it always did exactly what I wanted it to do. Of course your mileage may very.  And here are some pics of our Axis camera.

So not too bad, the Axis is much smaller, not as deep as the Meraki camera, can I live with that? Maybe.  On to the installation… Okay .. this part was odd .. We use Belkin CAT 6 molded cables.  It was a little tough getting the cable in.  See the pics…

After cramming the cable in, not the best placement–compared to how the Axis is plugged in(see the pics). But then again, this is not something you constantly plug and unplug.  Moving on …  Now Meraki is good for doing the cloud configuration and latest firmware updates, just plug the stuff in … wait 1o or so minutes for the updates, get some coffee or RedBull, watch the green blinking light(no color rainbow like the APs??) then configure. Simple. However, this is a camera you really need to touch it more after the physical installation is done. I figure that’s expected.

So what’s odd?… the clear dome that covers the camera portion, just turn that a little, like very little and it pops right off and then you can move the camera around.  Hmmm. So it could be pointed up, up and into the sky. Well, okay. This is the Internet, use your imagination on this. 🙂

But wait a minute, how would you secure the dome?  This is what Axis did….yeah see the pics.

They have it screwed down internally and included two dome options, clear and frosted. What is shown is frosted. Which also includes a black plastic part that covers more of the camera parts. Wait, you said it’s screwed down? I have a screw driver! But is it a Torx one? All the screws are Torx heads. Hmm ok. Meraki does that too. Cool.  And, just like the Access Points and now Camera, one security screw is all you need.

Well I finally get it mounted, which that was odd–and I didn’t take any pictures– was how it mounted to the wall plate.  It includes a wall plate that you put wherever and then the camera slides onto that. Actually pretty nice. BUT the placement of the network cable and how it lines up with the part that the security screw goes into made it like I had to twist the camera and push down onto the mount plate in an odd way all at the same time. Maybe this is by design to slow people down–you know from taking the camera–which has the security videos.

The hard stuff is done, now onto the Meraki Magic, you know the part where you Merakify everything.  Yeah, I hear that’s a thing now, Merakify.  Listen, just go with it.

Everything on the dashboard is pretty much just like any other Meraki product, you claim the order/license/whatever number and add it to a Network(you create a new Camera Nework) then combine the Camera Network to an existing Network and you’re done. Simple.

Now, finally to the part that I think could just be a software update. Having finer rotation settings, you either have 180 or 0 degrees. So that’s that mattress man.


But hey you can move the camera lens around after you just pop the clear dome off, and yes– you –can.  But let me show you the issue I have—-yeah–more pics. 🙂


Hmm, that looks like shit, well yeah it does. Our camera is mounted on a concrete column by our front elevator.  You can see people moving around, ok that’s fine, However this is what the other camera could do. ugh more pics… See how rotation comes into play.


The other camera you could digitally rotate the picture for a better view. NICE!

And, the full screen option is pretty bad on the Meraki side, here’s why… I had to add a camera to a “video wall” and then that “wall layout” becomes full screen, notice the gray side and black bottom bars on the other picture?  That’s because the Video Wall only allows a camera to take up so much area of the wall, then the entire wall becomes full screen, you get it?!  If I had more cameras I don’t think this would be so bad. Hmm.  I would think I should be able to full screen that camera, from the dashboard list of attached cameras?

Nope… I don’t see the button, do you?


So far in this post  we have lots of “you can do this with something else or this with that blah blah and this sucks”.  I know. I know. Why not just put the other camera back in. etc… etc…

Well, everybody wants to believe in something, right, maybe the next software update will be: “You and me, Max… …we’re gonna give them back their heroes.”

Or maybe not…

I’ll leave you with this, you can Merakify however you like, every product launch has good and bad. Do we know all the details as to why? Nope, Should we?  Ok that’s fine.  BUT you have to have goals and those goals have to be precise.

I kinda like this quote:

You come at me, you better know I move quick...
...and when I do, I slice like a goddamn hammer.
So you're not gonna make Reuben whole?