Managing Meraki

Using Cisco MSX Managed Devices services, operators can manage organizations (attach, edit, or delete) and create networks comprising Meraki devices and services. An organization implies Meraki networks managed by one or more accounts. For deploying a Meraki solution, it is essential to consider an organizational structure that will use this solution. It is recommended to have one organization per customer or one organization per service. For more information on when to use multiple organizations, see the section, 'Building a Scalable Meraki Solution' in Cisco Meraki documentation.

The following are the Meraki wireless and combined device types currently supported on Cisco MSX:

  • MX -Security and SD-WAN: The Meraki MX is an enterprise security & also equipped with SD-WAN capabilities that enable administrators to maximize network resiliency and bandwidth efficiency.The following are the MX devices supported on MSX.

    • MX64, MX65, MX67, and MX68 required for a small branch setup

    • MX84 and MX100 required for a medium branch setup

    • MX250 and MX450 required for a large branch/campus setup

    • vMX device types for virtual devices

  • MR- Wireless LAN: MR device types for cloud-managed WLAN access points.

  • MS - Switches: MS device types are cloud-managed access and aggregation switches series of access switches. Using these switches, thousands of switch ports can be configured and monitored instantly, over the web.

Attaching Organizations

You can associate one or more organizations to the tenant's control plane. Organization implies a collection of networks that are part of a single organizational entity. These networks, in turn, can have multiple devices.

To attach oragnizations in MSX:

Procedure

Step 1

Log in to the Cisco MSX portal using your credential.
Step 2

From the left pane, choose Tenant Workspace > Settings > Meraki Organizations.

The Meraki Organization page is dispalyed.

Step 3

Click Attach Organizations.

The Attach Meraki Organizations dialog box is displayed.
Step 4

Click Get Started.

Step 5

Enter the Meraki API Access Key on the Connect to Meraki page.

Use the eye icon to view and validate the API key.

Note 

You can get the Meraki access key by logging in to the Meraki dashboard. Click User > My Profile > Generate New API Access Key to generate a new key.

Step 6

Click > to move to the next page.

Step 7

On the Select Meraki Organization page, select upto five organizations to attach to your Meraki control plane. The drop-down lists the available organizations for the access key you had provided in the previous step. In case you want to attach more than five organizations, you can do so at the end of this process by selecting Attach Another Organization option.

Step 8

Click > to move to the next window and initiate the attaching process. You can close the window or click Attach Another Organization to add more organizations to the control plane.

All the organizations added to the tenant's control plane is displayed in Tenant Workspace > Settings > Meraki Organizations.

Editing or Detaching Organizations

To edit or detach an attached organization in MSX:

Procedure

Step 1

Log in to the Cisco MSX portal using your credential.
Step 2

From the left pane, choose Tenant Workspace > Settings > Meraki Organizations.

The Meraki Organization page is displayed with the list of organizations that were added to the tenant's control plane.

Step 3

Select a row and click on the ellipsis (...) and choose Edit Access Key to edit the Organization details that were provided while attaching the organization to your tenant's control plane.

Step 4

On the Edit Access Key dialog box, click Meraki API Access Key field to clear the previous key and enter a new key and click Save. Click Cancel to retain the old key.

Detaching Organizations:

If you want to detach or disassociate an organization from a tenants control plane, click on the ellipsis (...) and choose Detach.

Creating Networks

A network is a logical container of multiple devices that can be created for a site and can be a combination of devices.

Before you begin

Make sure you have an organization attached within MSX. For more information, see Attaching Organizations.

Procedure

Step 1

Log in to the Cisco MSX portal.

Step 2

From the left pane, choose Tenant Workspace > Sites.

The list of sites associated with a tenant is displayed.
Step 3

Select any one of the sites to view the detailed site status.

This page lists all the site metrics along with status of the selected site.
Step 4

Under the Managed Device section on the page, click + > Create New Meraki Networks to associate a new network to the selected site.

The Create New Meraki Network wizard is displayed to set up networks to manage multiple devices.

Step 5

Click Get Started.

The Meraki Network Information dialog box is displayed.

Step 6

Enter the following details on the Meraki Network Information page.

  • Network name: Specify a name for your new network.

  • Organization: Choose the organization that you want to associate your network to from the drop-down list.

  • Meraki Network Tags: This field displays all the tags currently available in Meraki. You can also add new tags. Type a new tag and click on the Add New option that appears as you type a new tag to save the new tag.

Step 7

Click > to move to the Select Network Type page.

Step 8

In the Select Network Type page, choose the type of Meraki devices (Wireless, Switch, Appliance) that will be managed in this new network. Choose the Combined option to add different device types to your network.
Step 9

Click > to move to the Select Initial Configuration for Network page.

Step 10

Set up a network. Choose from one of the following options to setup the network configurations:

  • No Configurations: Create a network without any template configurations, but later you can attach a configuration template to this network.

  • Clone from Network: Create a network with configuration settings copied from an existing network to a new network. On the Select Meraki Network to Clone page, select a network from the list of available networks from where the configuration settings must be copied. The network list shown depends on the network type you chose in Step 8. The network list can be narrowed down by searching with specific tags in the Meraki Network Tags field. After cloning, any configuration changes made to the source network are not inherited into the new network.

  • Clone from Template: Create a network with configuration copied from an existing template into a new network. On the Select Meraki Template to Clone page, select the template from the Template Name drop-down list from where the configuration must be copied. The options shown in the drop-down depends on the network type you chose in Step 8. After cloning, any configuration changes made to the source network are not inherited into the new network.

  • Attach to Template: Create a network and then associate it to an existing template. On the Select Meraki Template to Attach page, select a template from the Template Name drop-down list to which the network can be attached. The options shown in the drop-down depends on the network type you chose in Step 8. If you use this option, any changes in the source template are automatically applied to all the associated networks.

Step 11

Click > to move to the Review and Submit page.

Step 12

Review the details and click Submit to complete the process.

Viewing Meraki Networks for a Site

Cisco MSX Managed Device service pack provides the capability to monitor the site status and the networks associated to the sites.

To view the site details:

Procedure

Step 1

Log in to the Cisco MSX portal.

Step 2

From the left pane, choose Tenant Workspace > Sites.

The list of sites associated with a tenant is displayed.
Step 3

Select any one of the sites to view the detailed site status.

This page lists all the site metrics along with status of the selected site.

Under the Managed Device section of the page, you can view the list of Meraki network assigned to this site.

Assigning Meraki Network to a Site

A Meraki network must be assigned to a site in the following cases:

  • When a control plane is attached, and you want to plot network to different site locations.

  • When a site is deleted, the network gets unmapped, and you want to associate this network with a site.

  • When you want to attach Meraki devices to a site.


Note

You can assign up to 5 networks to a site that can be managed separately.

Using this procedure, you can assign networks to a single organization at a time. However, if you wish to attach sites to more organizations, you must repeat this procedure. To attach a network to a site:

Before you begin

Associate one or more organizations to the tenant's control plane. For more information, see Attaching Organizations.

Procedure

Step 1

Log in to the Cisco MSX portal.

Step 2

From the left pane, choose Tenant Workspace > Sites.

The list of sites associated with a tenant is displayed.
Step 3

Select any one of the sites to view the detailed site status.

This page lists all the site metrics along with status of the selected site.
Step 4

Under the Managed Device section on the page, click + > Assign Meraki Network to assign networks already available in a Meraki organization to a selected site.

The Assign Meraki Network to Site wizard is displayed to associate networks to a site.

Step 5

Click Get Started.

The Select Meraki Network dialog box is displayed.

Step 6

Select an organization to which the network needs to be assigned, and select one or more available networks for a site. Narrow down the networks using network name and network type.

Step 7

Click > to move to the Review and Submit page.

Step 8

Review the details and click Submit to complete the process.

Under the Managed Device section of the page, you can view the list of Meraki network assigned to the site. The Tenant Workspace > Site tab will also list the devices assigned for a Meraki network.

Unassigning a Network from a Site

You can use the unassign option to disassociate a network and later associate it to another site.

From the Managed Device section of the Site Details page, select a Meraki network row, click on the ellipsis (...), and choose Unassign Network. This will remove the networks and devices attached to the site.

Synchronizing Networks and its Devices

In MSX, you can synchorinze Meraki details into MSX at:

  • Organization-level: Use the Sync with Meraki option in Tenant > Setting > Organization to sync all networks and devices available within an Organization.

  • Network-level: Using the APIs in the Meraki-Control-Plane-Controller section of Merakiservice APIs, you can do the following:

    • Synchronize only a list of networks and the devices in the network. Provide the list of network IDs for which the synchronization needs to be performed. Use the POST /merkai/api/v1/controlplanes/{controlPlaneID}/synchronize for the synchronization.

    • Schedule a sycnhronization task


Note

Only users with Meraki Synchronization (Manage) permission under Meraki Service section can perform the sychronization within MSX.

For more information on these APIs, refer the Swagger documentation that can be accessed from MSX portal > Account Settings > Swagger > Meraki Service API.

Editing or Deleting a Network

To edit and delete a Meraki network:

Procedure

Step 1

Log in to the Cisco MSX portal.

Step 2

From the left pane, choose Tenant Workspace > Sites.

The list of sites associated with a tenant is displayed.
Step 3

Select any one of the sites to view the detailed site status.

This page lists all the site metrics along with status of the selected site.

Under the Managed Device section of the page, you can view the list of Meraki network assigned to this site.

Step 4

Select a network, and click on the ellipsis (…) and select Edit Networkto edit the network details. You can add or edit the existing network tags, and also change template for a network using the Edit Meraki Network dialog box.

Deleting the Network:

Click on the ellipsis (…) and select Delete to delete the selected network.

Configuring Switch Ports

Cisco MSX provides the ability to create configuration and deploy them to multiple switch ports using the pre-defined templates that are available within the Cisco MSX.


Note

  • Currently, this functionality is available only for Switch Ports for Meraki.

  • Only user roles with Switch Configuration (Manage) permission can manage the switch port configurations from MSX. Users with the (View) permission can only view the configurations.

Creating Switch Port Configuration

Cisco MSX provides a switch configuration feature template to create new port configurations and apply them to the ports within a tenant hierarchy. Use this template to create configurations with which you can turn ports on/off, enable spanning tree (RSTP), define port types (access/trunk), and specify VLANs (data and voice). Feature template is helpful in scenarios when the switches or the ports in organizations are configured in a similar manner. Once the new configurations are created and tagged appropriately, you can apply these configurations to ports or devices across a tenant hierarchy that uses the same tags.

To create a new switch port configuration using out-of-the-box template available within MSX:

Procedure

Step 1

Log in to the Cisco MSX portal.

Step 2

From the left pane, choose Tenant Workspace > Service Controls.

Step 3

Select Switch Management to create new switch configurations.

Step 4

On the Switch Management page, click + or New Configuration option to create a new switch configuration.

The Create Configurationwizard is displayed.

Step 5

Click Get Started.

The Add Configuration Information window is displayed.

Step 6

Enter a unique name for the new port configuration and its description, and select an existing feature template. Next, select one or more tags that categorize entities based on common criteria. Tags can be region-based or department-based. Examples of Tags in a School system can be Classroom, Auditorium, and so on. The configurations will be only applied to target entities that uses all the specified tags.

Note 

If no tags are displayed, make sure there is a Meraki organization attached to the MSX instance. For more information, see Attaching Organizations. Also, make sure that the target entities are configured with tags outside of MSX. For example, for Meraki the Switch Ports can be configured with tags using the Meraki Dashboard.

Step 7

Click > to move to the Enter Configuration page.

Step 8

Enter further configurations based on the template that was selected to create this new configuration. These configurations apply to tenants that use the same tags. If locked, tenants would not be able to modify these values.

Note 

Some of the fields on the Enter Configuration page require additional settings on the Meraki dashboard. For more information, see Important Notes on Switch Port Configurations.

Step 9

Click > to move to the Review and Save page.

Step 10

Review the details and click Submit to complete the process.

Under the Switch Management page, you can view the newly created switch port configuration, and apply these configuration to a destination target.

Important Notes on the Switch Port Configurations

The following are important notes for the Storm Control field that is displayed on the Enter Configuration page:

  • Storm Control Configurations:

    • Storm control configuration options for enhanced storm control are supported only on MS Series switches; MS210, MS225, MS250, MS350, MS355, MS390, MS400 series switches with firmware MS10.0 and higher.

    • For storm control functionality to work on MSX, it must be enabled on a network from the Meraki dashboard. For more information, see Enabling Storm Control.

Editing Switch Port Configuration

To edit switch port configuration:

Procedure

Step 1

Log in to the Cisco MSX portal.

Step 2

From the left pane, choose Tenant Workspace > Service Controls.

Step 3

Select Switch Management to edit new switch configurations.

The Switch Management page lists configurations that were created and saved.

Step 4

Select a configuration and click on the ellipsis (…) > Edit Configuration.

The Edit Configuration window is displayed.

Step 5

Edit to modify an existing switch port configurations. These configurations apply to tenants that use the same tags. If locked, tenants would not be able to modify these values.

Step 6

Click > to move to the Review and Save page.

Step 7

Review the details and click Submit to complete the process.

Under the Switch Management page, you can view the edited switch port configuration, and apply these configuration to a destination target.

Applying Switch Port Configuration

After creating and tagging the switch port configuration appropriately, you can use these parameters to deploy configurations on similarly tagged target entities, such as switch ports. The target entities should be configured with tags outside of MSX. For example, for Meraki the Switch Ports can be configured with tags using the Meraki Dashboard.

To apply a new switch port configuration:

Before you begin

Make sure the entities where the configurations have to be applied are pre-configured with tags outside of MSX. For example, for Meraki, the Switch Ports can be tagged from the Meraki Dashboard. For more information, see Manage Tags in Meraki Documentation.

Procedure

Step 1

Log in to the Cisco MSX portal.

Step 2

From the left pane, choose Tenant Workspace > Service Controls > Switch Management tile.

Step 3

On the Switch Management page, select a configuration, and click the ellipsis (...), and choose Apply Configuration.

Step 4

Click Apply Configuration to deploy the configuration on entities that use similar tags across a tenant hierarchy.

Step 5

To track the status of the deployment, from the Switch Management page, click on the clock icon on the top right side to display the list of user actions. Click the ellipsis (...) and choose View Details.

The Deployment Activity page displays the Status of applied configurations for entities that used similar tag(s). You can filter the list by Status or sort this list in a particular order.