cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Teaser Ask the Expert- Meraki MR Series: Configuration and Troubleshooting

1202
Views
65
Helpful
12
Comments
Rising star
Ask the Expert
thru

ATTENTION

Due to some issues with this event page, we have moved out this discussion and its replies to this link: https://community.cisco.com/t5/other-wireless-mobility-subjects/ask-the-expert-meraki-mr-series-configuration-and/td-p/3854065

 

Please continue the conversation in the new link!

We apologize for all issues this have caused.

 

This topic is a chance to discuss more about the best practices, considerations and proved guidelines to configure, monitor and troubleshoot 802.11 wireless services under Meraki Cloud-Based architecture. The session focuses in the following topics:

  • Configuration topics include SSID definition, authentication types, client IP assignments, service distributing, availability, firewall, traffic shaping, and radio settings.
  • Monitoring topics cover the understanding of the Access Points status information, client details and RF status.
  • Troubleshooting tools provided by the Meraki Dashboard such as Wireless Health and Packet Captures.

To participate in this event, please use theJoin the Discussion : Cisco Ask the Expertbutton below to ask your questions

Ask questions from Monday 6 to May 17th, 2019

 

Featured Expert

edgarM.jpgEdgar Monroy is a Support Engineer for Cisco Meraki Products, he covers MX, MS, MR, MV and SM. Before joining Meraki’s team he worked as a Cisco Customer Support Engineer for Cisco’s TAC for 4 years. He specializes in 802.11 technology and he has experience in the entire Cisco Wireless Portfolio, including CUWN, Mobility Express, Prime Infrastructure, MSE, CMX and Meraki MR Products. Edgar holds a Bachelor’s Degree in Electronics Engineering from the UDFJC University in Colombia. He holds a CWNA and a CCNP R&S certification.

Remember that you can continue the conversation on the Wireless and Mobility community.

Find other events https://community.cisco.com/t5/custom/page/page-id/Events?categoryId=technology-support  

 

**Helpful votes Encourage Participation! **
Please be sure to rate the Answers to Questions

12 Comments

Hey Edgar

 

I've two questions:

First- Before Implementing, is here any software or steps to follow in order to set the necessary Aps (quantity) you need to implement on the location?
Second- Which are the features that remarks Meraki technology against other competitors?

Cisco Employee

Hello @Daniel Martinez,

 

1.

The success of any wireless implementation is proper design and analysis of the RF conditions before the deployment. Meraki solution provides a way to get the necessary information to understand the AP cell propagation so you can use that information to determine the position of the APs, then confirm proper coverage and an appropriate cell overlapping between APs. Meraki Access Points can work in Site Survey mode, this mode creates a test SSID that you can use to perform passive or active site surveys. Details on how to convert a Meraki AP into site survey mode can be found at:

https://documentation.meraki.com/MR/WiFi_Basics_and_Best_Practices/Conducting_Site_Surveys_with_MR_Access_Points

 

 

There are multiple factors to take into account at the moment of designing a wireless network and choose the appropriate number of APs, depending if you need to provide service for a high number of clients on "small" areas (high density), or have few clients but with the maximum throughput, you may want to use different approaches. Take a look at the following link that describes some key considerations for specific wireless network scenarios:

https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/Enterprise-Mobility-8-5-Design-Guide/Enterprise_Mobility_8-5_Deployment_Guide/wlanrf.html#pgfId-1178832

 

 

2.

The most important factor that differentiates Meraki against other vendors (and not only for wireless applications but for the entire Meraki portfolio) is simplicity. Meraki provides one of the most simple ways to deploy a powerful wireless network with the least required effort, this differentiator does not only apply for the implementation but also for the management and monitoring of the Network:

 

 

 

  • All Meraki devices are Plug&Play, a valid internet connection (with DHCP) is enough to make the devices to grab the configuration from the Meraki Cloud and start to provide service. APs configuration also resides on the cloud, this is particularly convenient when you need to replace APs.

 

  • Wireless client traffic is kept locally at the APs LAN by default, there is no requirement of an additional controller to analyze the traffic and perform services that commonly require high processing such as Access Control and content filtering, each Meraki AP is capable to perform those task, so traffic rules can be enforced to the wireless traffic even before the traffic reaches to the wired LAN.

 

  • Meraki 'Wireless Health' feature is a powerful monitoring tool that takes advantage of the packet inspection capabilities on the APs, this tool is capable to report issues at any of the Wireless connection stages that a client needs to pass before getting proper network access: 802.11 association, authentication, DHCP and DNS resolution. The information provided by this tool will help you determine in a faster way where is the point of failure and expedite the corrective actions. Details of this feature at: https://documentation.meraki.com/MR/Wireless_Health

 

The best way to understand how simple and powerful Meraki products are is by hands-on experience, I invite you to apply for a free trial so you can try all the features that Meraki wireless can offer. go to https://meraki.cisco.com/lp/free-demo 

 

Beginner

Hello,

 

Thank you for this event.  I have two questions:

 

1. How do I enable site survey mode using 5ghz only?

2. I have an android device that will associate with the AP but is unable to view the splash screen to accept and authorize.  What steps can I take to troubleshoot a device like this from the Meraki side since I don't have access to clients?

 

Thank you.

Beginner

Hello,

  We currently have Meraki deployed and want to use Traffic Shaping to help with UDP Loss Rate for Webex.  We use this page to do our testing - https://mediatest.ciscospark.com/#/main On wireless we still get 2% to 4% loss sometimes - seems random.

 

We have enabled the default rules (which include Webex, Skype).  We also "Shape traffic on this SSID" enabled.

We have "mls qos trust dscp" setup on the switchports that the AP are connected to.

 

Is there anything else we can configure/setup to help us with this?

 

Thanks

Cisco Employee

Hello @ringo3999 

 

Wireless QoS relies on the DSCP marking of the packets done by the wireless client to assign the packet into the proper priority queue so the upstream traffic can have better chances to avoid losses over the air. As long as the packets are not marked properly before they are sent to the air, you will be susceptible to delays and potential drops.

 

Meraki Access Points can identify the traffic based on the application type, and they can override the DSCP marking of the packets in the case that the packets are not marked properly by the end device.

 

This is an example of the Webex meeting traffic using UDP 9000 (Webex UDP test seems to use UDP port 5004), the wireless client did not mark the packet with QoS priority going to the air. Without Meraki QoS traffic shaping, the traffic is not enforced with the appropriate DSCP when it goes to the switch: without qos2.PNG

 

When Meraki QoS is enabled, you will notice that the DSCP vlaue is modified and the upstream traffic is now passing to the switch with the proper DSCP value:with qos2.PNG

 

As you are trusting the DSCP value, the switch will effectively manage the upstream traffic accordingly.

 

In order to enable the default QoS markings, go to 'Wireless - Configure - Firewall and Traffic Shaping. Make sure that the Traffic Shaping rules are enabled.

 

UDP port 5004 is not currently considered as Webex traffic, so you may need to also setup a custom QoS rule. See the image below that will describe the proper QoS configuration:

config.PNG

 

Besides QoS marking, there are other considerations to mitigate issues that can impact the performance when the packets travel over wireless. Meraki has a really nice configuration guide to provide the best experience for real-time applications. Please refer to the following link:

https://documentation.meraki.com/Architectures_and_Best_Practices/Cisco_Meraki_Best_Practice_Design/Best_Practice_Design_-_MR_Wireless/Wireless_VoIP_QoS_Best_Practices#Wireless_Voice_Best_Practices

 

In summary, make sure that the SSID provides the best conditions to reduce frame loss (proper site survey, use of 5GHz-only, proper bitrate limit to non-media applications).

 

Cisco Employee

Hello @chrisatclovis 

 

1.

When converting a Meraki AP to Site Survey mode, you have the option to define the power that will be used by each radio, including the option to keep the radio OFF. The following image will show how to make the AP broadcast the Site survey SSID on 5GHz only:sitesurvey.PNG

Details at: 

https://documentation.meraki.com/MR/WiFi_Basics_and_Best_Practices/Conducting_Site_Surveys_with_MR_Access_Points#Configuring_a_Survey_SSID

 

 

 

2.

Here is the expected traffic flow between the wireless device and the Access Point that allows the redirection to the login page:splash flow.PNG

Full details of the splash redirect flow at: https://documentation.meraki.com/MR/Splash_Page/Splash_Page_Traffic_Flow_and_Troubleshooting#Splash_Flow_Breakdown

 

Remember that before a client can initiate an HTTP request, it should have already been able to get a valid IP address, get proper connectivity to its gateway (ARP resolution), and resolve DNS. Once DNS provides the IP address to the web resource, the client should then send the HTTP GET which is intercepted by the AP who replies with an HTTP 307 'temporary redirect'.

 

In order to verify the proper traffic flow between the device and the Access Point, we have 2 options:

 

  • Dashboard Wireless packet capture: This method provides a way to observe the wireless traffic from the wireless device coming into the AP (upstream), this will help us to detect if the client is sending HTTP gets that will be intercepted by the AP. The easiest way to set up the wireless capture for the particular client is by going to the client details page (Network-Wide - Monitor - Clients) and click on the option 'packet capture'. The Dashboard will automatically select the AP where the client is reported to be associated and will define the capture filter to only capture traffic generated by the client wireless MAC address. It is also recommended to always use the output as a PCAP file:Capture.PNG

Full details on how to set up a packet capture, not only for wireless but for any other interface of any of the Meraki appliances, at:

https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Packet_Capture_Overview

 

 

 

NOTE: Over-the-air packet captures won't display the Layer 3 traffic information if the data payload is encrypted. In order to get the necessary information (DHCP, ARP, DNS, HTTP), the SSID must be configured without any encryption method (Association Requirements: Open, No encryption). 

Cisco Employee

Hi,

I have a question about integration of Meraki and Cisco DNA Center.

Which is: what information/capabilities we should expect to have from this integration?

 

Regards,

Vibha

 

Hi Edgar,

 

I would like to know if Meraki offers custom application detectors, something like what Firepower offers for FMC+FTD.

 

if not what do you suggest to be the best option to classify traffic for voice via softphones at the APs? simply destination IP ranges?

 

Thanks.

ajc Frequent Contributor
Frequent Contributor

Hi Edgar, I have 2 questions:

 

1.-Does Meraki support Bonjour like Cisco WLC?

2.-Why the dashboard does not work properly when the AP renew its IP?. my AP renewed the IP from the one registered initially on the dashboard, now the dashboard is unable to manage the AP. Unclaiming, removing from the network the AP, etc did not help. Any clues?

 

thanks

Beginner

Hi Edgar, I have one simple question.

 

802.11w had a vulnerability a while back and the button was greyed out so it couldn't be enabled. Now that the button is back, is it safe to enable 802.11w?

Community Manager

Hi @cjjones 
Thanks for extending your question. Due to some issues with this page, we’ve moved your question and others into a “New event discussion page” Edgar will be answering you on the new discussion event page: https://community.cisco.com/t5/other-wireless-mobility-subjects/test-ask-the-expert-meraki-mr-series-configuration-and/m-p/3854065

Community Manager

Hi @giovanni.augusto @vijha @ajc

Thanks for extending your question. Due to some issues with this page, we’ve moved your question and others into a “New event discussion page” Edgar will be answering you on the new discussion event page: https://community.cisco.com/t5/other-wireless-mobility-subjects/ask-the-expert-meraki-mr-series-configuration-and/m-p/3854065

CreatePlease to create content
This widget could not be displayed.