2017 Meraki Network Template VLAN Design Templates: MX84/65,MS225,MR42 Examples of common network configurations Updated per the April 25 th All Archdiocesan conference call Tom O’Callahan OCS Technology Planning and Strategy [email protected]Note: Use the Meraki documentation for more configuration and usage details. This is a best practice guide for schools. Please contact me with revisions or updates.
Note: Use the Meraki documentation for more configuration and usage details. This is a best practice guide for schools. Please contact me with revisions or updates.
Network Template Examples
The examples include use of VLANs to separate/isolate user communities (teachers and students). VLANs requires VLAN/network routing capable routers/security appliances. VLANs is typically the least complex and most reliable way to provide granular per user community access policies.
• Section A– Access Points
• Section B– Switches (VLANs)
• Section C– Security Appliance (VLANs and network routing)
• Section D– Network-wide
6/5/2017 2017 Meraki Template
Section A
• Access Points• Summary:
– Enable automatic power reduction– Optimize performance with 5G preference SSIDs– Enable band steering let Meraki make the client decisions– Use DFS channels to provide the max radio capacity– Provide a higher preference for high bit rate school Wi-Fi
computers (min: 11, 24 is better)– Consider using Air Marshall to contain non-school access
points “leakage”– More that 5 SSID may degrade performance by 20%– Clients roaming: Apple default is 802.11v mode
6/5/2017 2017 Meraki Template
MR42 Access Point Summary
6/5/2017 2017 Meraki Template
Access Points with multiple networksMR42 SSID VLAN Tagged
2017 Meraki Template6/5/2017
Wireless Radio SettingsPower, 5GHz 40 v. 80 MHz and DFS
6/5/2017 2017 Meraki Template
Wireless Access ControlDual Band and Bitrate
6/5/2017 2017 Meraki Template
Access point ToolARP Table to Confirm Layer 2 Clients
6/5/2017 2017 Meraki Template
AP to Meraki Performance TestRough estimate of connection speed
6/5/2017 2017 Meraki Template
Dynamic AP Mesh Neighbors
6/5/2017 2017 Meraki Template
6/5/2017 2017 Meraki Template
Wireless Per AP SSIDSSID availability policy
Section B
• Switches
6/5/2017 2017 Meraki Template
Two Switch Network
6/5/2017 2017 Meraki Template
Two Switch Network Topology:15 Total Meraki Components
1 MX65, 2 MS220 switches, 12 access points
6/5/2017 2017 Meraki Template
MS220 24 port w/fiber on port 24
6/5/2017 2017 Meraki Template
Root Switch
2017 Meraki Template6/5/2017
PoE Uplink
Assigning the STP root switch and Management VLAN
6/5/2017 2017 Meraki Template
Switch to Switch Uplink PortType Trunk and Native VLAN 499
6/5/2017 2017 Meraki Template
Switch Port List withUplink on Port 48, Voice VLAN 20
2017 Meraki Template6/5/2017
All VLANs Trunked
2017 Meraki Template6/5/2017
Switch Forwarding Tablesort by VLAN # option
2017 Meraki Template6/5/2017
DHCP Server DetectionAllow/Block
6/5/2017 2017 Meraki Template
Section C
• Security Appliance
• Summary:
– Contact Meraki or a reseller for hardware sizing.
– Contact Meraki tech support when performance issues are suspected.
– Capable of exporting policies for reuse/sharing
6/5/2017 2017 Meraki Template
2017 Meraki Template6/5/2017
MX Summary Page
MX84 Security Appliance
6/5/2017 2017 Meraki Template
MX Firewall Policy Part 1
2017 Meraki Template6/5/2017
MX Firewall Policy Part 2
2017 Meraki Template6/5/2017
WAN Address AssignmentRequires console port connection remote
changes are not allowed
6/5/2017 2017 Meraki Template
Routing, VLAN and Network Assignment and VLAN policy