Task 7 - You have a Playground
So far in this lab:
- Concepts and Tools: We have learned about the Meraki as Code concept, its benefits, and the tools we will be using in this lab.
- Prepare your environment: We have cloned the example repository, set environment variables, and familiarized ourselves with the data model structure.
- Working with Meraki Data Model: We have explored the data model structure, understood how templates and variables are organized, and how to modify them to fit our needs.
- Creating your first Organization: We have created an organization using the Meraki as Code Data Model.
- Configure everything as code: We used Meraki as Code Data Model to deploy multiple features across Meraki Dashboard.
- Challenge: You took over a challenge and created a Data Model for the same.
It’s all yours now. Feel free to play around with the Data Model and try to implement any features you need.
Here are some possible activities that you can choose from. Each one builds on the data model you already have — create a new YAML file in the data/ folder for each activity, then validate, plan, and apply as you have done in the previous tasks.
1. Add a Guest SSID
Section titled “1. Add a Guest SSID”Create a second SSID named Guest on the existing Amsterdam-Network-1. Configure it with a pre-shared key (PSK) instead of 802.1X, place it on a separate VLAN, and set a bandwidth limit per client using traffic shaping.
Refer to: Configure SSIDs, Traffic Shaping Rules
2. Add Group Policies
Section titled “2. Add Group Policies”Define one or more group policies on a network — for example, a “Restricted” policy with bandwidth limits or a “VoIP” policy with DSCP tagging. Group policies can later be applied to clients or SSIDs.
Refer to: Group Policies
3. Configure Appliance L3 Firewall Rules
Section titled “3. Configure Appliance L3 Firewall Rules”Add Layer 3 firewall rules to control traffic flow through the MX appliance. For example, block traffic from the Guest VLAN to the Data VLAN, or allow only specific ports from certain subnets.
Refer to: L3 Firewall Rules
4. Configure L7 Firewall Rules
Section titled “4. Configure L7 Firewall Rules”Add Layer 7 application-aware firewall rules to block or allow traffic based on application categories — for example, block social media or streaming on the corporate network.
Refer to: L7 Firewall Rules
5. Add Content Filtering
Section titled “5. Add Content Filtering”Configure content filtering on the MX appliance to block specific URL categories or allow-list trusted domains.
Refer to: Content Filtering
6. Configure Organization-Level Settings
Section titled “6. Configure Organization-Level Settings”Go beyond network-level configuration and manage organization-wide settings such as login security policies, organization SNMP, or administrator accounts.
Refer to: Login Security, SNMP, Administrators
7. Add a Second Network and Explore Site-to-Site VPN
Section titled “7. Add a Second Network and Explore Site-to-Site VPN”If you completed the Task 6 challenge, try configuring site-to-site VPN between two networks to see how Meraki as Code handles cross-network features.
Refer to: VPN Site to Site
8. Explore Switch Features
Section titled “8. Explore Switch Features”Try adding switch ACLs, QoS rules, STP configuration, or port schedules to the switch configuration on your network.
Refer to: ACL, QoS Rules, STP Configuration, Port Schedules
Remember the workflow: validate → plan → apply → verify in Dashboard. If you get stuck, refer back to the YAML examples from Tasks 4 and 5, or check the data model reference.