Cisco Meraki Access Points feature powerful Air Marshal technology that can assist with mitigating wireless threats to your network. Access points feature the ability to contain rogue access points that can put your network at risk.
Cisco Meraki Access Points have a feature known as Air Marshal that allows administrators to quickly and easily identify threats and maintain a secure wireless network. This feature can be monitored and configured on the Monitor > Air Marshal page. More information on this feature can be found here or here.
An alert may appear on your AP detail page stating: "This device is having difficulty contacting the Meraki Cloud. Please make sure your wired network allows outgoing connections to x.x.x.x and x.x.x.x on ports 443, 7734, 7351 and 7752." When this happens, the AP icon (located in Dashboard under Wireless > Monitor > Access Points) turns yellow, the connectivity graph is green, and the AP does not download the latest firmware or configuration from the Meraki Cloud.
Wireless packet captures are incredibly useful while troubleshooting specific events on a WLAN. The most common use is to see all communication (data, management and control frames) between a station (STA) and an access point (AP). This is easily possible while using an AirPCAP adapter however these can be expensive and may not be available while experiencing connectivity issues.
A device may appear on the Event Log but not be visible in the clients list. Searching the clients list will also not return this entry. This occurs when a device attempts to connect to an SSID but is not able to fully connect. If you click on the device in the Event Log there is a page for that device but the traffic graph and pie charts will be blank
The Cisco Meraki Dashboard offers network administrators the ability to monitor and manage individual network clients, which can be helpful for both administration and troubleshooting purposes. This article overviews the client details page for MR, MS and MX/Z1 networks. You can get to this page by navigating to Monitor > Clients and clicking on the desired client.
Alert messages can be viewed by clicking on the AP in question located under Monitor > Access Points. These messages can be used to aid troubleshooting what issue an AP may be experiencing. Cisco Meraki devices attempt to connect to Dashboard in a variety of ways to allow you to troubleshoot connectivity issues even if some network services, like DNS, are not working. This article will discuss the various alert messages that may appear in Dashboard.
When monitoring your wireless environment, the event log (in the Dashboard at Monitor > Event log) can be an invaluable tool in gaining a additional visibility into current activity. A list of the common wireless event log messages along with their origin and their potential causes can help to bring a better understanding of the wireless environment.
Cisco Meraki devices will display their public IP address on their device status page. The device status page can be found for MX appliances by navigating to Monitor > Appliance status in Dashboard. On APs and switches, this can be found by going to the device listing page and then clicking a specific device (Monitor > Access points for APs and Monitor > Switches for switches). It is possible that this public IP address appears incorrect.
When Bridge mode is enabled, wireless and wired clients connected to your Meraki APs will receive an IP address from the DHCP server on the wired LAN. If your DHCP server is unreachable, misconfigured, or has no available IP addresses left in its DHCP address pool, clients will not be able to receive a DHCP lease and the following message will appear in the Meraki Event log
Hostname Visibility is a Traffic Analytics feature. Enabling Hostname Visibility will allow you to view statistics about specific hostnames and IP addresses that are visited by clients on your network. You can view these statistics for your entire network and per-client. This type of information can be useful for understanding the types of traffic flowing over your network and constructing traffic policies to meet the needs of your Organization.
The Meraki MR34 and MR42 access points require 802.3at power to provide full functionality. Some switches and POE injectors are not capable of supplying this level of power. If the MR is receiving less power than the 802.3at standard, it will display "running in low power mode".
Configurations made on Dashboard are immediately saved on the cloud. However, the physical Cisco Meraki devices may take few moments to download those changes. This article explains how to monitor the configuration update status from the Dashboard to ensure that the Cisco Meraki devices are up to date.
Cisco Meraki devices can identify the hostname of a client device using NetBIOS, Bonjour and DHCP. In some instances, the detected hostname may undesirable. For example, 2 devices on the same network with identical hostnames or a device that has been identified by its MAC address. The hostname can be overridden within Dashboard by configuring a manual value.
The factors below should be considered when troubleshooting suspected blocked or unauthorized access: Unauthorized and users may still access web sites on the meraki.com domain if they are not blocklisted. This bandwidth will not appear in dashboard.
The Cisco Meraki Scanning API is a powerful resource. For example, when combined with floorplan syncing, the Scanning API can report client locations as devices traverse a given floorplan. This article covers common issues and troubleshooting steps for the Scanning API.
Dashboard gives users the ability to download and export several types of data including Client data. When viewing this exported data, you may run into difficulties deciphering the time and date values as they are exported in the EPOCH time standard. The following steps explain how to export your client usage data, and convert that data into a more recognizable format:
The Cisco Meraki Dashboard has the ability to list the real-time channel utilization detected by a particular access point. This is helpful to understand the performance and stability of the RF environment. The real-time channel utilization can be viewed on the dashboard under AP details.
MR access points (APs) have the ability to monitor client network traffic, to help identify and narrow down potential network problems. When configuring access points (APs) to use VLAN tagging or RADIUS servers, additional status fields will become visible on the AP details page. These status fields can be used to help identify potential problems relating to RADIUS authentication or a particular VLAN.
Wireless clients can show up on the AP details page as a currently connected client, and the client details page will show network usage. However, a wireless client will not show up under Monitor -> Clients until they generate some amount of Internet traffic.As such, it is common for wireless printers to not show as a client connected to the AP, if it only provides LAN-based print services.