Named VLANs in MS Configurations

Last updated
Save as PDF

The following article describes the requirements, configuration, validation, and removal of named VLANs on Cisco Meraki MS devices. Named VLANs allow you to easily reference VLANs in a human readable way without the need for additional reference documentation to determine which VLANs are for what purpose.

Summary

Meraki's VLAN Profiles provides the ability to map any VLAN to a name or a VLAN list to a group name. This function can be used for a number of scenarios on MR and MS as highlighted in the document: VLAN Profiles

Named VLANs on switchport configurations is currently an Early Access feature (Oct 2023) available under Organization > Early Access > VLAN Profiles.

Named VLANs are available to be not only utilized for RADIUS based assignment, but also for dashboard based configurations. This provides a way to reference VLANs in a human-readable manner that helps alleviate the necessity for a secondary reference document to determine which VLAN is for which purpose.

Gif exhibiting the assignment of a VLAN name to selected switch ports in the Meraki Dashboard.

Requirements

VLAN Names and Group Names for switchport configurations are supported on:

All MS/CS networks on MS15+ firmware
Trunk Port interfaces
Access Port interfaces

VLAN Names and Groups are NOT currently supported on:

MS/CS networks on < MS15 firmware
Template Networks
Switch Port Profiles
MX switchports
MR multi-port units (MR30H/MR36H)

NOTE: Please refer to the VLAN profiles documentation on the required firmware versions for use with RADIUS

Getting Started

For guidance on getting started and utilizing VLAN Profiles please see the documentation article here: VLAN Profiles

To be able to use names to reference VLANs on switchports, at least the Default VLAN Profile needs to be populated with as minimal as a single VLAN name and/or group. Every device in the network is bound to the default VLAN profile to start, with the ability for an admin to create non-default profiles for use-cases where a Meraki network device (MS / MR) utilizes a different VLAN ID or Group list for the same name.

Example: The default profile has a map of Employee to VLAN 10, where on floor 2 the Employee VLAN is 20. In this instance an administrator would create a non-default profile for Floor-2 and map Employee to VLAN 20.

Once a VLAN or set of VLANs/groups are defined in the VLAN profile, the named VLANs will become available on switchport configurations under Switching > Switch Ports as well as under the per switch configurations found in Switching > Switches > {Select switch} > Ports. There are a few key things to keep in mind while using Named VLANs for configuration.

A Named VLAN can be used in the following scenarios:
- Access Port configuration for Data and Voice VLAN
- Trunk Port Configurations for both Native VLAN configuration, and using VLAN Groups for Allowed VLANs
A VLAN Group can contain as many VLANs as supported on a switch (4094 on traditional MS and 1000 active on MS390 and C9300-M)
- When a VLAN group is defined with more than 32 VLANs, the Group will NOT be sent to the switch for use with RADIUS assignment. A warning label is provided explaining:

When selecting multiple ports in the Switching > Switch ports table, if the ports are across multiple switches, the VLAN ID/s will not be shown next to the VLAN name and will show "multiple values" and the VLAN IDs will be associated based on the switch's profile assignment.
Please refer to this example:

NOTE: Using integers instead of names can be configured by simply typing the VLAN ID instead of a name in the field/s on the switchport/s.

Validating Name to VLAN ID Assignments

Once the configurations are saved, the appropriate VLAN IDs should show on the switch port/s that were configured.

Gif showing how to validate name to VLAN ID assignments in the Switch Ports page of the Meraki Dashboard.

If a switch is receiving the VLAN ID from the default group, and the desire is for the switch to use a non-default profile, please validate the device's profile assignment under Network-wide > VLAN Profiles > Profile assignment.

Changing a switch's profile

If a device or set of devices need to be moved from the default profile to a non-default profile, and if VLAN names have been used to configure the switch, the VLAN IDs will change with the profile. Please note if proper attention has not been paid, this could cause an outage as all Names and Groups will be updated with the destination profile's configuration.

The following warning will be presented:

Warning: By updating profile assignment, all the VLAN IDs of the switch port associated with VLAN name or group name will be updated. This may possibly cause outage.

Deleting a VLAN Name from a profile

If a VLAN Name must be deleted, all switchports that were configured with the VLAN ID will retain the VLAN ID configuration, however the name will be removed from the individual port configuration in dashboard. The following warning will be presented:

Warning: VLAN IDs of all the switch ports associated with following VLAN name or VLAN group will remain the same, but their name association will be removed.

Deleting a non-default profile with switches associated

In the event a non-default profile is deleted with switches associated to it, the respective switch port VLAN Names/Groups will be removed and the switches will retain their VLAN ID configuration.