Cisco
Technology
Networking
Meraki Wireless with ISE Integration and Troubleshooting Custom Training (ECMSTS)
Upon completing this course, the learner will be able to meet these overall objectives:
- Designing for scalable management and high availability
- Automating and scaling Meraki deployments
- Implementing Quality of Service (QoS) and traffic shaping design
- Switched network concepts and practices
- Understand wireless configuration practices and concepts
- Understand Endpoint management concepts and practices
- Gaining additional network insight through application monitoring
- Preparing monitoring, logging, and alerting services
- Setting up Dashboard reporting and auditing capabilities
- Gaining visibility and resolving issues using Meraki features and built-in troubleshooting tools
Course content
Course Outline:
- Review Core Meraki terminology
- Meraki Wireless Mesh Networking overview and Troubleshooting
- AP vs Mesh
- Air Marshal (WIPS) Solution
- RF Spectrum Analysis Overview and Mitigation
- Radar detection and mitigation actions
- Identifying and Troubleshooting Roaming issues in wireless networks
- Best practices in troubleshooting various LAN/WIFI incidents (Including Topics from Appendix A)
- Main issues and troubleshooting approaches
- RCA
- Log analysis
- Tools
- Daily operational tasks
- Meraki QoS best practices
- General Device Health Monitoring
- Meraki API
- Meraki API Overview
- Enabling Meraki API
- Understanding the Dashboard API
- ISE
- Check the ISE Live Logs
- Check for Any Failed Authentication Attempts in the Log
- Check for Passed Authentication Entry or the MAC Address in the Log
- Check the NAD Interface Status or the ISE Detailed Reports
- Validate the RADIUS Configuration on the NAD
- Validate ISE Endpoint Group and AuthZ Policy
- User authentication against Active Directory failed since user has entered the wrong password
- Subject not found in the applicable identity store(s)
- Identity policy result is configured for password-based authentication methods but received certificate-based authentication request
- Wrong password or invalid shared secret
- Identity policy result is configured for certificate-based authentication methods but received password based
- Could not locate Network Device or AAA Client
- Dynamic Authorization failed
- Basic ISE primary and secondary VM troubleshooting
- Cisco TAC creation
- When you should create a TAC case
- What should be included in the TAC case
- Where to find the logs to include in the TAC case
Appendix A:
- Testing Using the Ping Live Tool
- Troubleshooting Packet Loss between Devices
- Determining Packet Loss
- Common Causes of Packet Loss
- Duplex Mismatch
- Link Congestion (Too Much Traffic)
- Firewall Blocking Certain Traffic
- Physical Layer Issues
- General Troubleshooting Steps for Meraki APs
- Check radio functionality by making the AP a repeater
- Check Ethernet port functionality by connecting to the AP
- Check Static IP address configuration
- Clients Not Getting an IP Address
- SSIDs in Bridge Mode
- Exhausted DHCP Pool
- DHCP Server is Unreachable
- Incorrect VLAN Tags
- SSIDs in NAT Mode
- SSIDs in Bridge Mode
- Clients Unable to Connect to a Specific SSID
- Check the Event Logs for the Devices
- Verify the Credentials
- Clients not Able to Connect to a Specific AP
- Test an SSID with Minimal Configuration Settings
- Verify Upstream Settings
- Clients not Getting Internet Connectivity
- Clients Connect to a Far Away AP
- Specific Error in the Event Logs
- Poor Throughput Due to RF Performance
- Wireless Network Unable to Access Local LAN
- Splash Page Issues
- Troubleshooting and Replacing a Faulty MR Access Point
- For All MR Models
- If no lights are lit on the unit
- If there is one solid orange power LED and no other LEDs are lit
- For MR12, MR16, MR24, MR58, MR66, and OD2
- If there is one solid orange power LED and the signal LEDs are flashing green simultaneously
- If all LEDs are lit green except for the Ethernet LED (second from the bottom)
- If there is one solid orange power LED and the signal LEDs are blinking up and down one at a time
- For MR18, MR26, MR32, MR34, MR72
- If the LED is cycling through the rainbow colors
- If the LED is blinking orange
- Using Packet Capture to Troubleshoot Client-side DHCP Issues
- Troubleshooting PoE on MS switches
- Storm Control for MS
- VLAN Mismatch Alerts for Meraki Switches
- Packet Captures and Port Mirroring on the MS Switch
- Troubleshooting and Replacing a Faulty MS Switch
- No lights when the switch is powered on
- Switch has a solid amber power LED
- No link lights when connecting a device to an Ethernet switch port
- Switch doesn't recognize a connected SFP module
- No power delivered to a connected Power over Ethernet (PoE) device
- Switch Cloning (Replace Faulty MS with New MS)