2017 Meraki Network Template - Archdiocese of Meraki   2017 Meraki Network Template VLAN

  • View
    216

  • Download
    0

Embed Size (px)

Text of 2017 Meraki Network Template - Archdiocese of Meraki   2017 Meraki Network Template VLAN

  • 2017 Meraki Network TemplateVLAN Design Templates: MX84/65,MS225,MR42

    Examples of common network configurationsUpdated per the April 25th All Archdiocesan conference call

    Tom OCallahan

    OCS Technology Planning and Strategy

    tom.ocallahan@seattlearch.org

    Note: Use the Meraki documentation for more configuration and usage details. This is a best practice guide for schools. Please contact me with revisions or updates.

  • Network Template Examples

    The examples include use of VLANs to separate/isolate user communities (teachers and students). VLANs requires VLAN/network routing capable routers/security appliances. VLANs is typically the least complex and most reliable way to provide granular per user community access policies.

    Section A Access Points

    Section B Switches (VLANs)

    Section C Security Appliance (VLANs and network routing)

    Section D Network-wide

    6/5/2017 2017 Meraki Template

  • Section A

    Access Points Summary:

    Enable automatic power reduction Optimize performance with 5G preference SSIDs Enable band steering let Meraki make the client decisions Use DFS channels to provide the max radio capacity Provide a higher preference for high bit rate school Wi-Fi

    computers (min: 11, 24 is better) Consider using Air Marshall to contain non-school access

    points leakage More that 5 SSID may degrade performance by 20% Clients roaming: Apple default is 802.11v mode

    6/5/2017 2017 Meraki Template

  • MR42 Access Point Summary

    6/5/2017 2017 Meraki Template

  • Access Points with multiple networksMR42 SSID VLAN Tagged

    2017 Meraki Template6/5/2017

  • Wireless Radio SettingsPower, 5GHz 40 v. 80 MHz and DFS

    6/5/2017 2017 Meraki Template

  • Wireless Access ControlDual Band and Bitrate

    6/5/2017 2017 Meraki Template

  • Access point ToolARP Table to Confirm Layer 2 Clients

    6/5/2017 2017 Meraki Template

  • AP to Meraki Performance TestRough estimate of connection speed

    6/5/2017 2017 Meraki Template

  • Dynamic AP Mesh Neighbors

    6/5/2017 2017 Meraki Template

  • 6/5/2017 2017 Meraki Template

    Wireless Per AP SSIDSSID availability policy

  • Section B

    Switches

    6/5/2017 2017 Meraki Template

  • Two Switch Network

    6/5/2017 2017 Meraki Template

  • Two Switch Network Topology:15 Total Meraki Components

    1 MX65, 2 MS220 switches, 12 access points

    6/5/2017 2017 Meraki Template

  • MS220 24 port w/fiber on port 24

    6/5/2017 2017 Meraki Template

  • Root Switch

    2017 Meraki Template6/5/2017

    PoE Uplink

  • Assigning the STP root switch and Management VLAN

    6/5/2017 2017 Meraki Template

  • Switch to Switch Uplink PortType Trunk and Native VLAN 499

    6/5/2017 2017 Meraki Template

  • Switch Port List withUplink on Port 48, Voice VLAN 20

    2017 Meraki Template6/5/2017

  • All VLANs Trunked

    2017 Meraki Template6/5/2017

  • Switch Forwarding Tablesort by VLAN # option

    2017 Meraki Template6/5/2017

  • DHCP Server DetectionAllow/Block

    6/5/2017 2017 Meraki Template

  • Section C

    Security Appliance

    Summary:

    Contact Meraki or a reseller for hardware sizing.

    Contact Meraki tech support when performance issues are suspected.

    Capable of exporting policies for reuse/sharing

    6/5/2017 2017 Meraki Template

  • 2017 Meraki Template6/5/2017

    MX Summary Page

  • MX84 Security Appliance

    6/5/2017 2017 Meraki Template

  • MX Firewall Policy Part 1

    2017 Meraki Template6/5/2017

  • MX Firewall Policy Part 2

    2017 Meraki Template6/5/2017

  • WAN Address AssignmentRequires console port connection remote

    changes are not allowed

    6/5/2017 2017 Meraki Template

  • Routing, VLAN and Network Assignment and VLAN policy

    6/5/2017 2017 Meraki Template

  • DHCP Networks and Mgmt VLAN

    2017 Meraki Template6/5/2017

  • DHCP Networks w Mgmt VLAN 499

    6/5/2017 2017 Meraki Template

  • MX Route and VLANs Part 1

    2017 Meraki Template6/5/2017

  • LAN Port Assignment MX VLAN Part 2

    2017 Meraki Template6/5/2017

  • MX URL Blockinghttp and https

    6/5/2017 2017 Meraki Template

  • Content Filter Log: 2 examples

    2017 Meraki Template6/5/2017

  • MX Intrusion detection

    6/5/2017 2017 Meraki Template

  • MX Route Table w/Client VPN

    6/5/2017 2017 Meraki Template

  • MX Client VPN

    6/5/2017 2017 Meraki Template

  • https://n149.meraki.com/PJP2HS/n/OvzF0dvc/manage/nodes/routes

    2017 Meraki Template6/5/2017

    Meraki MX84 Route Table

    https://n149.meraki.com/PJP2HS/n/OvzF0dvc/manage/nodes/routes

  • Section D

    Network-wide

    6/5/2017 2017 Meraki Template

  • General Custom Pie Chart

    6/5/2017 2017 Meraki Template

  • Interesting Traffic MonitoringCustom Pie Chart - NWEA

    6/5/2017 2017 Meraki Template

  • Summary Report

    6/5/2017 2017 Meraki Template

  • Group Policies

    6/5/2017 2017 Meraki Template

  • Detailed Group Policy: VLAN Tag

    6/5/2017 2017 Meraki Template

  • VLAN Tag use for group policy

    2017 Meraki Template6/5/2017