Saved the day
Posted by anderson01832@reddit | sysadmin | View on Reddit | 54 comments
10+ sites reporting internet outages.
Boss calls when I'm on lunch asking to drive to one of the locations
Boss blasting angry emails to our ISP
I get to the site (5 minutes from home), as soon as I got there my phone trying to connect Wi-Fi got me to a splash screen saying internet is misconfigured, we have Meraki, so I logged on and bang! Network disabled for non-payment
Feels good
thefpspower@reddit
Meraki disables your network for non-payment? That sounds dystopian
GhostOfRandomUsrName@reddit
You have to pay yearly for the license.
thefpspower@reddit
I know that but the devices I deal with usually don't outright disable your network if you forget to pay.
For example just today we had a client's Arista firewall expire because whoever received the quote saw the email but forgot. The client was still working, the basic firewall still functions, IPSEC still up but lost some features and packet filtering.
That is how these things should be handled, not just turn it off and ask question later, just sounds more like blackmail to me.
farva_06@reddit
Most devices just lock you out of making changes to it, but still continue to function. At least for some sort of grace period.
Ron-Swanson-Mustache@reddit
Palo Alto's the same way. Didn't pay? No more updates for you! But we're not going to bork your systems.
ManWithoutUsername@reddit
that normal, but stop working is a bad "joke".
Anyway the problem is buying that shity brands
ITrCool@reddit
I mean, this is CISCO we’re talking about. They’re ruthless in everything, including their predatory pricing. I can see them just disabling a customer’s network for non-payment.
psiphre@reddit
they're ruthless in everything, not just their predatory pricing. lol.
Ron-Swanson-Mustache@reddit
As the saying goes; Cisco's console cables are blue from the tears of CFOs.
ITrCool@reddit
So true
mdug@reddit
I worked at a startup that was running mostly on VC money and got various reasons was circling the drain so was pretty low on cash. So the Meraki renewal was one the leadership decided not to pay. CEO called me and asked why the WiFi wasn't working in the office. I reminded him that they had decided that they didn't pay to keep it working. This was also in 2021 and the office had been more or less abandoned but he wanted to use the printer.
On the one hand, yeah, we didn't pay to keep it working, on the other, I'll never work with a vendor again that will effectively brick equipment because a license wasn't paid. I'll pay for support, software updates etc, quite happily (ok, maybe grudgingly), but just disabling the gear is shitty.
demglassesshitinnit@reddit
Meraki definitely gives you a 90 day grace period too. Even if your license is expired, you're good for 90 days. Not that I would rely on that fact.
ShadowSlayer1441@reddit
Still sending angry emails and threatening suit/aggressive negotiations makes way more sense. What if your licensing server shits the bed and suddenly you're on the hook for lawsuits surrounding lost business.
mike9874@reddit
So the firewall keeps allowing traffic but with less protection? Perfect!
thefpspower@reddit
Less user protection but not less outside intrusion protection which is what matters because for user protection you should still have your AV layer.
jake04-20@reddit
I get that, but most software doesn't runtime restrict you for compliance issues, or at the very least they give you a chance to true up. I have a network friend that swears by meraki and is trying to get my org to switch off cisco, but this is a negative for me.
BatemansChainsaw@reddit
It sure does. It's also why I refuse to deal with subscriptions for critical infrastructure. I know some here would rag on Ubiquiti but I've run sites with 1000+ individuals and at least five times that number in connected devices and services without a hitch.
I'd willingly run a network with 10x that many people and endpoints with Ubiquity gear.
SystemGardener@reddit
Ciscos done this shit for years.
sweetroll_burglar@reddit
I understand the hate for cisco and meraki specifically but man, wifi administration has been a breeze ever since we replaced our old EoL aruba setup with meraki. I almost never have to look at it. And when I do, it's usually a radius issue. 🤷♂️ (small org)
pdp10@reddit
What was difficult about it when you had Aruba? Were you in there every day tuning your channel widths and 802.11u parameters?
TommyVe@reddit
How can a business "forget" to pay for something this crucial. It's to be automatic or with a bazillion of reminders at the very least.
pdp10@reddit
Could be worse. Like the Meraki users inside Russia, who were disallowed by sanctions to pay.
jaydizzleforshizzle@reddit
Welcome to Cisco, this alone makes me refuse to work with them, I can understand some features but Cisco bricks your shit.
The_Original_Miser@reddit
This is why I'd never purchase Meraki.
Disable non critical features? Sure!
Brick the whole thing? No.
Tymanthius@reddit
Yep. Meraki is Firewall-as-a-Service.
You don't have a license? it's just a brick.
JesterOne@reddit
Yeah, I think if there isn't a "service contract" in place, everything stops working.
fonetik@reddit
And that's how a "P1 - Emergency" becomes a "P4 - Awaiting purchasing department" as the manager quietly sweeps this under the rug.
Capt91@reddit
That's why you never go Meraki
Tymanthius@reddit
Who's the person that is responsible for keeping that contract up to date?
IroN-GirL@reddit
Yeah, I wish I could see his face when he was told. Hopefully the screaming boss was the one supposed to have paid it.
anderson01832@reddit (OP)
I think he was because if was fixed 2 minutes later lol
jcleme@reddit
In which case it had been paid for and someone had forgot to apply the license key.
dansedemorte@reddit
or was told that the purchase had gone through.
BigMikeInAustin@reddit
Way back in the day, company phone lines went down. I was just a lowly worker. Had to use a payphone to call the phone company.
I barely made it past my first sentence telling the phone company how important the phone lines were for the business, and I needed a priority repair.
They said it was failure to pay the bill.
Used a dime to call the big boss, who wasn't in the office.
And I enjoyed a few slow hours until the phone bill got paid.
Fr0gm4n@reddit
Had a CFO that would pull crap like that. He even got us pushed out of a facility when the property owners decided to not renew the lease due to him usually being late paying until they hounded him for it. I was glad he didn't come over when the company was bought.
QuietThunder2014@reddit
Boss was sending messages to ISP and sent you onsite when 10+ sites were down and didn’t bother to open the Meeaki management portal to diagnose? Dude.
My biggest issue with Meraki is they’ll put 50 devices on individual non co-termed contracts then if one goes out of service they shut down all of them. Not just the one that fell out of renewal. It’s bullshit and it’s why I moved all our shit off Meraki. They do give you a 30 day grace period though so clearly someone should start checking this critical infrastructure more regularly.
Terriblyboard@reddit
Ahh thats great... had a site go down TWICE because the AP department didnt pay the bill on time. Felt great when I told them both times.
pdp10@reddit
It also feels good to hand out those USB-to-Ethernet dongles that AP also complained about, to the AP users who need them to pay the bill in order to fix the WiFi outage.
Big-Penalty-6897@reddit
As soon as I saw "Meraki" I figured that was the problem. One of my associates has been having Meraki hardware make his work life a living hell. I'd have put those damn things under a hammer and setup PFSense boxes.
pdp10@reddit
Put them in a box for the OpenWrt crowd.
Unable-Entrance3110@reddit
Same. It's not like their aren't options in the same market segment. I have learned today that we will never be entertaining these guys as a vendor.
I understand licensing security but to make basic functionality fail? That's a hard no. Mistakes happen and sometimes invoices don't get paid for one reason or another despite the best of intentions.
North-Plantain1401@reddit
This whole thread should be on r/shittysysadmin
DatManAaron1993@reddit
What is the "Timeout" or is it instant?
North-Plantain1401@reddit
A month, then you can request extensions from support if you have a reason to not renew it
We moved from an mx84 to dual mx105s last fall and they let us ride for 3 months while our ISP got their rack on line. The meraki sucks in a lot of ways for sure, but as long as you pay your bills it'll work ;)
DatManAaron1993@reddit
That’s more than enough time lol
MrVantage@reddit
Wow that’s ridiculous! I get disabling non critical features (I.e IDS/IPS) and removing management capabilities, but completely disabling everything is a joke. Glad we are riding the Ubiquiti train.
bgatesIT@reddit
thats happened here at our org before, on my first week here, and i was the only it guy in the office that day.... that was a fun couple phone calls to my boss
chefnee@reddit
They made it easy. The error message has the answer! And it’s Friday. Two Wins.
anderson01832@reddit (OP)
And Monday is a holiday
chefnee@reddit
Forgot about that. Three Day weekend!!
MeatPiston@reddit
Shit as a service claims another victim.
ADynes@reddit
Meraki is the worst networking brand I've ever experienced. I understand charging a license fee if you don't pay for the hardware but the fact you pay for the hardware and a license fee and if that license expires it breaks your device is completely ridiculous.
Years ago we were switching out some old Microsoft TMG software firewalls and after lots of convincing by Meraki salespeople we decided to go with them. Within the first 30 days I had six different support tickets open all for things that the sales people said would work that simply didn't. Some more features that were simply broken and others were features that didn't exist that I was told did but it turned out they were coming in a future release. I then requested a full refund, sent them back, bought Sophos XG firewalls, and I've never looked back.
Meraki's sales people still call and send me emails and every single time I reply with if my license expires does my device stop working? And when they say yes I tell them we will never do business with them.
And don't get them confused with Cisco which even though they are the "same" company is apples to oranges.
Prestigious_Wall529@reddit
Agreed. Over-engineered junk. Wouldn't take it for free.
Creative_Onion_1440@reddit
At least Extreme only disables your management dashboard.
Network will still work, as long as you don't need to change anything.