May 122017
 

We recently replaced our existing router with a Meraki MX65w Security Appliance.  While Meraki does have multi-factor authentication to log into the cloud controller, we were disappointed to find out that they do not have multi-factor authentication for client VPN.  However, there are third-party solutions that can be used to provide multi-factor authentication for client VPN.  These third-party solutions can be found on Meraki’s website below.

https://documentation.meraki.com/MX-Z/Client_VPN/Using_Two-Factor_Auth_with_Client_VPN

We chose to use Windows Azure Multi-Factor Authentication (Azure MFA) Server.  The Azure MFA Server is installed on a Windows 2012 Server acting as a Domain Controller.  Unfortunately, the set-up and configuration of Azure MFA with Meraki Security Appliance is not well documented.  Below are some useful tips from our experience with setting this up.

  • By default, the Client VPN timeout on the Meraki Security Appliances is 15 seconds. For there to be enough time for the authentication to complete this must be extended.  To extend this you will have to open a support case via the Meraki dashboard and ask to have it extended.  Azure recommends this being at least 60 seconds.
  • Logging is very important. Both the Meraki Security Appliance and the Azure MFA server have the capability to configure syslogs.  This is very useful as it shows the communication between the two devices and can help pinpoint where the issue lies.  Below is a copy of our logs once we had this set-up properly.

  • Be persistent and know when to walk away and take a break.

Hope these tips help!

 Posted by at 3:52 pm
Apr 062017
 

Microsoft recently added a new feature that by default prevents the opening of Microsoft Word, Excel, and PowerPoint files sent as attachments in Outlook. When attempting to open, users may receive error messages like the one below.

These error messages usually do not define the problem.  For example, looking at the above error message it’s telling the user the document cannot be opened due to lack of disk space or memory, when it can’t open due to this new setting.

It is recommended to save the attachments to your computer before opening but if you would like to open within Outlook and disable this feature follow the steps below to do so.

  1. Open Microsoft Word.
  2. Select File –> Options
  3. After the options window appears select Trust Center –> Trust Center Settings.
  4. In the new windows select Protected View and uncheck the third box.
  5. Repeat steps 2-4 for Excel and PowerPoint.

Upon the completion of these steps close and reopen Outlook and you should be able to open all Word, Excel, and PowerPoint attachments with no issues.

 Posted by at 12:26 pm