Cisco
Technology
Networking
Meraki Wireless with ISE Integration and Troubleshooting Custom Training (ECMSTS)

Upon completing this course, the learner will be able to meet these overall objectives:

  • Designing for scalable management and high availability
  • Automating and scaling Meraki deployments
  • Implementing Quality of Service (QoS) and traffic shaping design
  • Switched network concepts and practices
  • Understand wireless configuration practices and concepts
  • Understand Endpoint management concepts and practices
  • Gaining additional network insight through application monitoring
  • Preparing monitoring, logging, and alerting services
  • Setting up Dashboard reporting and auditing capabilities
  • Gaining visibility and resolving issues using Meraki features and built-in troubleshooting tools
Course content

Course Outline:

  • Review Core Meraki terminology
  • Meraki Wireless Mesh Networking overview and Troubleshooting
    • AP vs Mesh
  • Air Marshal (WIPS) Solution
  • RF Spectrum Analysis Overview and Mitigation
  • Radar detection and mitigation actions
  • Identifying and Troubleshooting Roaming issues in wireless networks
  • Best practices in troubleshooting various LAN/WIFI incidents (Including Topics from Appendix A)
    • Main issues and troubleshooting approaches
    • RCA
    • Log analysis
    • Tools
    • Daily operational tasks
  • Meraki QoS best practices
  • General Device Health Monitoring
  • Meraki API
    • Meraki API Overview
    • Enabling Meraki API
    • Understanding the Dashboard API
  • ISE
    • Check the ISE Live Logs
    • Check for Any Failed Authentication Attempts in the Log
    • Check for Passed Authentication Entry or the MAC Address in the Log
    • Check the NAD Interface Status or the ISE Detailed Reports
    • Validate the RADIUS Configuration on the NAD
    • Validate ISE Endpoint Group and AuthZ Policy
    • User authentication against Active Directory failed since user has entered the wrong password
    • Subject not found in the applicable identity store(s)
    • Identity policy result is configured for password-based authentication methods but received certificate-based authentication request
    • Wrong password or invalid shared secret
    • Identity policy result is configured for certificate-based authentication methods but received password based
    • Could not locate Network Device or AAA Client
    • Dynamic Authorization failed
    • Basic ISE primary and secondary VM troubleshooting
  • Cisco TAC creation
    • When you should create a TAC case
    • What should be included in the TAC case
    • Where to find the logs to include in the TAC case

Appendix A:

  • Testing Using the Ping Live Tool
  • Troubleshooting Packet Loss between Devices
    • Determining Packet Loss 
    • Common Causes of Packet Loss
      • Duplex Mismatch
      • Link Congestion (Too Much Traffic)
      • Firewall Blocking Certain Traffic
      • Physical Layer Issues
  • General Troubleshooting Steps for Meraki APs
    • Check radio functionality by making the AP a repeater
    • Check Ethernet port functionality by connecting to the AP
    • Check Static IP address configuration
    • Clients Not Getting an IP Address
      • SSIDs in Bridge Mode
        • Exhausted DHCP Pool
        • DHCP Server is Unreachable
        • Incorrect VLAN Tags
      • SSIDs in NAT Mode
    • Clients Unable to Connect to a Specific SSID
      • Check the Event Logs for the Devices
      • Verify the Credentials
    • Clients not Able to Connect to a Specific AP
      • Test an SSID with Minimal Configuration Settings
      • Verify Upstream Settings
    • Clients not Getting Internet Connectivity
    • Clients Connect to a Far Away AP
    • Specific Error in the Event Logs
    • Poor Throughput Due to RF Performance
    • Wireless Network Unable to Access Local LAN
    • Splash Page Issues
  • Troubleshooting and Replacing a Faulty MR Access Point
  • For All MR Models
    • If no lights are lit on the unit
    • If there is one solid orange power LED and no other LEDs are lit
  • For MR12, MR16, MR24, MR58, MR66, and OD2
    • If there is one solid orange power LED and the signal LEDs are flashing green simultaneously
    • If all LEDs are lit green except for the Ethernet LED (second from the bottom)
    • If there is one solid orange power LED and the signal LEDs are blinking up and down one at a time
  • For MR18, MR26, MR32, MR34, MR72
    • If the LED is cycling through the rainbow colors
    • If the LED is blinking orange
  • Using Packet Capture to Troubleshoot Client-side DHCP Issues          
  • Troubleshooting PoE on MS switches
  • Storm Control for MS
  • VLAN Mismatch Alerts for Meraki Switches
  • Packet Captures and Port Mirroring on the MS Switch
  • Troubleshooting and Replacing a Faulty MS Switch
    • No lights when the switch is powered on
    • Switch has a solid amber power LED
    • No link lights when connecting a device to an Ethernet switch port
    • Switch doesn't recognize a connected SFP module
    • No power delivered to a connected Power over Ethernet (PoE) device
    • Switch Cloning (Replace Faulty MS with New MS)