Cisco MERAKI- What do we need to know
WHAT DO WE NEED TO KNOW
CISCO MERAKI has different variety product. Mostly I use is Security appliance, Wireless & Switch.
Mainly they are cloud base product which mean. Without internet, it is not much you can do on the devices. Such as you can change vlan trunk/ access or add DHCP on Security appliance. But you can configure IP address and turn other port to be WAN port.
License always come with the product when you buy, Normally is 1 year then you will need to renew. There is 2 method for Licensing
Per Device - A price per device, you will need to claim it each time. Annual - a price which is included all your devices Without License mean, you can use their meraki cloud Service.
With Licenses, they always come with very nice feature.
on Security Appliance, they will have intrusion detection, You can find it at “SECURITY & SD-WAN”-> SECURITY CENTER, MX will list what source of threat it has blocked. provide to you what is the signature and more information.
on Wireless AP, they will have WIDS/WIPS & Air Marshal. They can detect Rogue SSID, and smart enough to send broadcast message to deauthorizate client.
HERE IS FUNCTION I ALWAYS USE
ORGANIZATION -> SUMMARY REPORT
It is giving you an insight report, of the device in a specific period.
Usage over time – so that you will know is it over your client’s bandwidth capacity
TOP Clients by usage – just to narrow it down which is the most usage client. then do further investigation .
Summary Report
Traffic Analysis
You will need to enable Traffic analysis, in order to information below: Balance: you can see overall application, port Detail: Balance info + source & destination analysis by application: By your client internet usage pattern, normally you can predict how is the application traffic like. is it normal or abnomral. analysis by port: you can quickly find out, is there any other ports which is driven high traffic.
TROUBLESHOOT
Change Log
ORGANIZATION -> CHANGE LOG When there is a issues raise, first thing you want to know. Is there any configuration changes before and after.
PACKET CAPTURE
NETWORK-WIDE -> PACKET CAPTURE This is a very handy tool, you can view the packet on screen or you can download it as pcap file.
EVENT LOG
NETWORK-WIDE -> EVENT LOG When I troubleshooting site to site VPN/ Client VPN, that is the tool. I will always go first. To find out, why didn't establish vpn connection. Which part of ipsec got an issues...
Great summary.. Thanks Joe
Thanks
Appreciated Paul