Understand Meraki cloud check-in process

  1. Meraki devices build the encrypted tunnel to certain cloud servers for the management traffic flows, incl. status reporting, firmware upgrade, configuration download. You can find the region of which cloud servers your devices connect to at the bottom of your dashboard organization page.
  2. In order for Meraki devices to connect to the cloud, the dashboard “firewall info” lists the IP arranges and ports that have to be allowed at your uplink side (both your own upstream firewall and the ISP).
  3. Your devices have been added into your dashboard organization and a network already, otherwise the devices will end up with nowhere to check-in.
  4. There are certain cloud VPN registry servers for devices to connect at the UDP port 9350 and/or 9351. This is one of the best parts with Meraki Auto-VPN technology, the cloud servers are controllers for it.
  5. The cloud servers open its UDP port 7351 for devices to build the management tunnel on. At your device side, it will be a random port.
  6. We will not touch NTP, SNMP in this article, but those are very key services for the devices to run smoothly.

Summary:

  • n158 primary & secondary servers. (209.206.52.208, 209.206.48.98)
  • mtunnel.meraki.com (nslookup at your end to see what it is.)
  • mtunnel3.meraki.com (108.161.147.161, it may alter at your end.)
  • mtunnel.meraki.com
  • 64.62.142.12

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store