Audit of Switch ports all APs are conected to

Solved
amabt
Building a reputation

Audit of Switch ports all APs are conected to

Hi Everyone,

 

We recent discovered that unfortunately when some of the AP were commissioned at our site the tech did not set the Switch port the AP is on to a Trunk port. This is causing issues. We need to do an audit of all the AP in our Org to make sure the switch port the are on is set to Trunk.

 

What is the most efficient API end point we can use for this?

 

I'm think of below route:

Get Organization Devices -> Filter to wireless only.

 

Loop through each device then work out which switch and which port its connects to? <-- this step I am not sure how to get the info?

 

Then use Update Device Switch Port to update the port.

 

Thanks.

1 Accepted Solution
John_on_API
Meraki Employee
Meraki Employee

I'm surprised nobody recommended https://developer.cisco.com/meraki/api-v1/get-network-topology-link-layer/ -- which is purpose built for this kind of thing! And way easier than polling per-device discovery info.

View solution in original post

13 Replies 13
PhilipDAth
Kind of a big deal
Kind of a big deal

Depending on how many networks you have, you could go into each network and go Switching/Switchports.

 

Use the spanner in the top right hand corner, and enabled the CDL/LLDP column.

PhilipDAth_0-1725581477375.png

 

And then search on "MR" to see all access points.  You can then select all the switch ports and change them in one hit.

amabt
Building a reputation

Thanks. That's handy to know. 150 networks otherwise I would have just done the manual route.

PhilipDAth
Kind of a big deal
Kind of a big deal

API wise;

 

You could use this to get a list of all MS switches (set productTypes filter to "switch"):

https://developer.cisco.com/meraki/api-v1/get-organization-inventory-devices/

 

And then for each switch, use this to get the LLDP neighbours.

https://developer.cisco.com/meraki/api-v1/get-device-lldp-cdp/

 

And then for each switch port above that shows something with a systemName containing "Meraki MR", update the port.

 

amabt
Building a reputation

Thanks. I'll explore this route.

PhilipDAth
Kind of a big deal
Kind of a big deal

I bet @sungod will have a better approach.  🙂

sungod
Kind of a big deal

I think the way you suggest is straightforward 😀

 

Tbh with all the new/updated API calls, I need to spend a while reading through the details on each one - used to do this back in 80s/90s on new UNIX releases, I think it was actually faster riffling through the paper manuals than it is to do on the developer website...

PhilipDAth
Kind of a big deal
Kind of a big deal

Going sideways; depending on what model switches you have; you could enable SecurePort which can automatically recognise and configure a switch port for an MR.

https://documentation.meraki.com/MS/Access_Control/SecurePort_(formerly_known_as_SecureConnect)

 

You could also consider create a standardised port profile for APs, and rather than apply specific port settings, apply the profile for an AP.

PhilipDAth_0-1725582064563.png

 

 

RaphaelL
Kind of a big deal
Kind of a big deal

https://developer.cisco.com/meraki/api-v1/get-organization-switch-ports-statuses-by-switch/

https://developer.cisco.com/meraki/api-v1/api-reference-early-access-api-products-switch-configure-p...

 

 

This will return ALL switchports statuses from your Orgs ( contains CDP LLDP info )

The second call will return the config. 

 

If the port has cdp lldp corresponding to a AP , then loop through the ports and find the config. Voila.

 

As suggested by Phil , if you have MS and MR , I would suggest to configure SecurePort ( https://documentation.meraki.com/MS/Access_Control/SecurePort_(formerly_known_as_SecureConnect) )

amabt
Building a reputation

Thanks @RaphaelL  I'll give that a try.

JGill
Building a reputation

I have a python script that pulls all the switch / port / client data for our org.  You can see AP's by name in the lldp field, and the switch port settings  (access, trunk, and associated vlans,.  It's a down and dirty script, but will output a csv file and you can just filter on the APs.     You can use a similar API to go correct them once you have a list.   Not sure how this will come across but shoot me a note if you have a question.

# Start of python file -------

import meraki
import json
import csv
import os
from datetime import datetime

API_KEY = os.environ.get('MERAKI_API')
organization_id = os.environ.get('MERAKI_ORG')

dashboard = meraki.DashboardAPI(API_KEY, output_log=False, print_console=False)

 

now = datetime.now()

dt_string = now.strftime("%m/%d/%Y %H:%M:%S %Z")
dtFilename = now.strftime("%m-%d-%Y_")
print(dt_string)
print(dtFilename)


clientDatafile = dtFilename+'ClientData.csv'

try:
    datafile = open(clientDatafile, 'w', newline='')
    csv_writer = csv.writer(datafile)
except Exception as error:
    print("Error: ", error )
    exit(error)


count = 0

networks = dashboard.organizations.getOrganizationNetworks(
    organization_id, total_pages='all'
)

print('Client Listing : ', clientDatafile )
for network in networks:

    print('Network ID: ' + network['id'] + ' Name: ' + network['name'])


    try:
        clients = dashboard.networks.getNetworkClients(
         network['id'], timespan=2592000, total_pages='all', perPage='1000'
        )
    except:
        print('opps')
       
    for client in clients:
        if count == 0:
           header = client.keys()
           csv_writer.writerow(header)
           count += 1
        csv_writer.writerow(client.values())    
 
#  End of python file.       

 

amabt
Building a reputation

Thank you for sharing. I will give that a try.

John_on_API
Meraki Employee
Meraki Employee

I'm surprised nobody recommended https://developer.cisco.com/meraki/api-v1/get-network-topology-link-layer/ -- which is purpose built for this kind of thing! And way easier than polling per-device discovery info.

amabt
Building a reputation

Thanks @John_on_API  I'll add that to the list to try as well.

Get notified when there are additional replies to this discussion.