Sunday, August 18, 2019

Silly Meraki Tricks: LAN Hairpin NAT (Sort of)

Working with Meraki these last two years has led me to discover a few oddities in the way things wrok. Often, these silly little tricks can be used to solve problems, but they also may lead to unintuitive configs. Either way, I don't understand why I haven't posted them here before. You will likely find anything that I post under this moniker something I've already posted about over at the Meraki Community, and I will link over to the full conversation where there is one.

For my first Silly Meraki Trick I will show you how to get a NAT translation for LANtoLAN traffic on an MX appliance.

Tuesday, August 13, 2019

Meraki Community All Stars

Over at the Meraki Community a new program has been created to recognize and acknowledge community members who dedicate their time and expertise to participating in the discussion and helping to make the community a great place to learn about Meraki products. Here is the announcement:

https://community.meraki.com/t5/Community-Announcements/Announcing-the-Cisco-Meraki-Community-All-Stars-Program/ba-p/49508

I'm quite honoured to have been included in the first cohort of Meraki Community All Stars, so I thought I'd make a post about it!

Wednesday, June 19, 2019

Meraki Action Batches in Action

As promised in the previous post, here's a quick sample Action Batches script.

I've actually got two for you. Both scripts create two new networks, and then create five VLANs inside those two networks. The script 'example1.py' creates all of this using individual API calls for each create action. The 'example2.py' script uses action batches instead of individual API calls.

For fun I'm also using timeit to compare how long each script takes to do the same thing.

Saturday, June 15, 2019

Action Batches in the Meraki Dashboard API

Just announced at Cisco Live '19 on this past Thursday is a new Meraki Dashboard API feature called Action Batches. This was announced during BRKRST-1733 on Thursday morning with Tony Carmichael and Shiyue (Shay) Cheng, two of Meraki's finest when it comes to their API. There's been some talk that this feature was coming, and I was very interested to see what the initial implementation was going to look like. Well, now that it's here we can take a look!

Tuesday, May 28, 2019

Setting up a Google Chromecast Without the Home App

Let's be clear on one thing: I am not a developer.

 I am dangerous with bash, PERL, and, increasingly, Python. Given the state of the world, gaining skill in writing code is high on my priority list. But all that self-loathing disclaimer and wishful thinking aside...

 I've been doing a pile of work lately with Chromecasts. Ya know, those cute little dongles you connect to you TV and stream stuff to. Yeah, those. Well, as it turns out there's an undocumented API that you can use to do all kinds of things on them. Most of these undocumented APIs are documented in various places around the Web. I used these, in conjunction with a little of my own packet sniffing to figure out how to setup a default Chromecast without having to use the Google Home app. I took this derivative work, and piled it all into a bash script that seems to do the job (read: there's MASSIVE room for improvement, but hey running code rules the world, right?).

 As this is an undocumented API this is totally use at your own risk. I am not liable for any unexpected consequences, or if the API endpoints happen to change at any moment. This worked today, but I make no promises about tomorrow.

Thursday, May 23, 2019

Let's Encrypt for Meraki Webhooks and Scanning API

Yesterday Meraki sent out a notification to their customers that they were updating their Scanning API and webhooks features to only allow HTTPS based receivers. No more unencrypted HTTP. This, naturally, makes sense since there's potentially sensitive customer and configuration data being sent over the Internet with these features, so I applaud Meraki on taking this step.

But, I've done a bunch of testing and PoC work with those APIs using HTTP. Shame on me for doing it unencrypted, but, well, things are hard. OK, not really. So I'm glad Meraki has pushed me to tighten up my own testing environment. Since before today I didn't have a certificate I could use to do this, and I spent the morning hammering this all out, I thought I'd put this here in case you find it useful.