The Meraki dashboard uses Google map and will initially
place the AP somewhere in Palo Alto California, USA. You can use the
Search/Find tool (click on the magnifying glass icon) and press Enter to
replace the map. To relocate the AP, click
Place APs on map > click and drag the AP on the map > click Done placing
APs.
You can limit the bandwidth by choosing Use custom bandwidth limit and set the preferred bandwidth.
To configure Traffic shaping, click Add a new shaping rule. Go to Definition > Add+ > Custom Expression > type youtube.com and click Add Expression. I chose Per-client bandwidth limit: Choose a limit and set it to 250 Kbps. Click Save Changes at the bottom
Choose Enabled: assign group policies automatically by device type.
Click Add group policy for a device type.
Choose a specific device (iPhone in this example).
Choose the group policy created (default Group policy Actions are either whitelist and blocked) then click Save Changes (at the bottom of the screen). Just wait for 1-2 minutes for changes to take effect.
To delete a group, just click on the X mark (beside Clone) under Actions > then click Confirm Delete. You can’t automatically delete a Group policy if it’s assigned to an SSID. You have to remove it first on the specific SSID under Groups for device types and click on the X mark under Actions.
Below are some screenshots taken from my iPhone connected to the SSID where the Group Policy was applied. The Youtube app just kept on loading due to the Traffic shaping that was applied. Yahoo Mail and Facebook were blocked due to Layer 7 firewall rules that were configured.
You can also configure the same by going to Wireless > Map & floor plans.
You can perform packet capture by going to go to Network-wide > Monitor > Packet
capture. You can choose either All
or Specific Access Point (in this
case I only have one), capture either the Wired or Wireless
interface of the Meraki AP and display the output either View output below or
Download .pcap file (for Wireshark). Click Stop
to stop the packet capture or clear
output to start all over.
To configure general settings on the Meraki dashboard, go to
Network-wide > Configure > General.
To add a new administrator for the Meraki dashboard, click Create new user. Optionally put a
description, type the email address which will be used as user login for the
Meraki dashboard and click Create user.
The initial password will be sent to the new admin’s email address.
You can modify the User Privileges such as Full (default),
Monitor-only, Read-only and Guest ambassador.
You can change the Network time zone by choosing your
country’s time zone in the drop-down menu then click Save on the lower-right hand corner or Save Changes at the bottom of the page. This is important for scheduled firmware upgrades, syslogs and event logs.
To configure "global" Group policies, go to Network-wide > Configure > Group policies. Click
Add a group.
You can put a Name
for the Group policy and choose Scheduling
enabled for the policy to take effect on certain periods of time. You can
choose the built-in Template or customize by choosing which Day, State and time
period (During). I chose 8 to 5 daily
template and it automatically sets the State and time period (During).
You can limit the bandwidth by choosing Use custom bandwidth limit and set the preferred bandwidth.
Click details if
you want to provision asymmetric bandwidth or different download and upload
speed.
You can configure Layer 3 firewall rules (traditional or
legacy firewall) by choosing Custom SSID
firewall & shaping rules and click Add
a firewall rule. I created a rule to Deny ICMP to 8.8.8.8 (Google DNS).
There’s a default rule at the bottom which allows all traffic.
You can configure Layer 7 firewall by clicking Add a layer 7 firewall rule. The default
policy is to Deny the chosen Application. I’ve blocked Yahoo Mail, Playstation
and Facebook as an example.
To configure Traffic shaping, click Add a new shaping rule. Go to Definition > Add+ > Custom Expression > type youtube.com and click Add Expression. I chose Per-client bandwidth limit: Choose a limit and set it to 250 Kbps. Click Save Changes at the bottom
To apply the Group policies, go to Wireless > Configure
> SSIDs. Under the specific SSID, go to Access control > edit settings.
Choose Enabled: assign group policies automatically by device type.
Click Add group policy for a device type.
Choose a specific device (iPhone in this example).
Choose the group policy created (default Group policy Actions are either whitelist and blocked) then click Save Changes (at the bottom of the screen). Just wait for 1-2 minutes for changes to take effect.
To verify if policy is working, go again to Network-wide
> Configure > Group policies. Notice there’s a number of clients (only
iPhones in this example) under Affecting.
To delete a group, just click on the X mark (beside Clone) under Actions > then click Confirm Delete. You can’t automatically delete a Group policy if it’s assigned to an SSID. You have to remove it first on the specific SSID under Groups for device types and click on the X mark under Actions.
You can raise a support case by going to Help > Get Help.
You can search Meraki’s Knowledge Base (KB), click the links to product manuals and
support hotline numbers. Click Submit a Case > New Case to raise a TAC case.
No comments:
Post a Comment