Cisco Meraki MX Series Router Configuration for 8x8 Services

Updated: 04/15/2024

Objective

Configuring a Cisco Meraki MX series router to work with 8x8 services.

Applies To

  • Cisco Meraki MX series routers
Cisco_Meraki_mx60w-mantle-12.jpg

Procedure

The purpose of this article is to provide a sample configuration. At the time of article creation, this device was in a known working state on the firmware used. 

Keep in mind different firmware versions will interact with hosted VoIP services in different ways. While this device may be fully functional on the tested and/or current firmware version, it is possible newer revisions will cause disruptions in service or make a device fully compliant with the required settings for hosted VoIP services where it was previously not.

Administrative Information

  1. Make sure your router is powered on and connected to your network.
  2. In a browser on a computer on the same network as the router, navigate to the assigned IP address or wired.meraki.com.
  3. Log in (default credentials shown below).
    • Username: (device serial number, all CAPS, with dashes)
    • Password: (blank)
Adding/editing 8x8 subnets is recommended when available. Review the Datacenter IP Ranges & Domains section of X Series Technical Requirements.

Traffic Shaping Settings for the Meraki MX Series

Uplink configuration

This configures the flow of Internet traffic over multiple service providers (if more than one ISP is hooked up to the router). We want to set up the Meraki to use a primary ISP, with a secondary ISP set as a failover (no load balancing).
  1. Disable Link aggregation. When enabled, Link aggregation spreads Internet traffic across both uplinks, proportional to bandwidths set for the Internet1 and Internet2, respectively.
  2. Set Global bandwidth limits (either will work—just make sure to set enough upload and download for your 8x8 phones):
    • Simple: Single setting that applies to both upload and download traffic throughput. Move the slider control right or left to set the limits.
    • Details: Allows you to set different limits on upload and download throughput. Enter the limits manually in kb/s. You can also use this mode to create more precise per-client limits than in simple mode.
  3. Disable speed burst.

Traffic shaping rules

Here is where you will set QoS (bandwidth management) based on ports, IP, or MAC specific rules. Traffic shaping policies consist of a series of rules that are performed in the order in which they appear in the policy, similar to custom firewall rules. There are two main components to each rule: the type of traffic to be limited or shaped (rule definition), and how that traffic should be limited or shaped (rule actions). The rule action is enforced on all traffic that matches the specifications you select. Traffic-matching-specified rule sets can be shaped or prioritized.
  1. Click Create a new rule to add a traffic shaping rule.
  2. Set Rule Definition (do one of the following):
    • Select from various predefined application categories such as Video & Music, Peer-to-Peer, or Email.
    • Create rules by specifying HTTP hostnames (for example, salesforce.com); port numbers (such as 80); IP ranges (such as 192.168.0.0/16); or IP address range and port combinations (such as 192.168.0.0/16:80).
  3. Set Rule Actions.
    • Click Add an expression to create additional specifications for traffic that is shaped according to the same rule action.
    • Specify appropriate bandwidth limits for each type of traffic with the bandwidth slider control.
      • Can be specified to ignore any limits specified for the whole network; to obey the specified limits; or to apply more restrictive limits than the network limits.
      • Click details next to the bandwidth slider control to specify asymmetric limits on uploads and downloads.
    • Always set Priority for 8x8 services to P7 (highest priority).
      • Priority allows the router to prioritize a given network flow relative to the rest of the network traffic:
        • High: 4/7
        • Normal: 2/7
        • Low: 1/7
      • Ensure that uplink throughput settings are accurate.
    • Select a value for the DSCP tag in the IP header on all incoming and outgoing IP packets to apply QoS prioritization to Layer 3 traffic.
      • Ensure that upstream networking equipment also supports QoS prioritization.
      • This also affects the Wi-Fi Multimedia (WMM) priority of the traffic.
Cisco_Meraki_servlet.png

Meraki MX65 v13.28

Introduction

The Meraki MX65 out of the box does not need any configuration for 8x8 IP phones to work. Testing has determined that the default configuration on Meraki firewalls works properly for 8x8 services.
The MX65 does not have ALG so there is no SIP or RTSP to disable.  However, possible issues can arise if specific settings are placed in the router or switches where certain traffic is being segregated.
Refer to the Meraki troubleshooting guide for more information.

Firewall

  1. From the main menu go to Security Appliance > Firewall.
  2. In the Layer 3 section, verify that Outbound rules are set to allow all traffic in and out.
    Meraki_MX65_Firewall.png
  3. If nothing is set, please have the admin enter this general setting or a custom one depending on their preference.

Traffic Shaping

  1. From the main menu go to Security Appliance > Traffic Shaping.
  2. On the last section Traffic shaping rules, verify there is a rule set for all VoIP and video conferencing. If none is available create a rule and copy the settings below.
    Meraki_MX65_Traffice_Shapin.png

Known Issues

If you are experiencing dropped calls and audio loss, check to make sure that the ISP Modem/Gateway is fully bridged, set to passthrough mode or DMZ set to the router.
If port shuffling or duplicate ports are occurring, verify that there is only one appliance on the network passing DHCP and NAT. Gateways, DHCP servers, Domain controllers, and smart switches with DHCP capability can potentially cause port shuffling or duplicate SIP ports.

Additional Information

If you are experiencing intermittent garbled audio, check the connection for latency issues.
For Fiber connections, ensure that the connection is directly out of the ONT to the main router of the network. In cases where the fiber connection requires the ISP's gateway such as ATT, ensure that the device is set to passthrough mode to the main router of the network.