Meraki VLAN Management by Boundless

Automate bulk VLAN provisioning and switch port configuration across Meraki MX and MS devices with built-in safety checks.

Written by Boundless

Updated 9 hours ago

Overview

Meraki VLAN Management by Boundless automates VLAN and switch port provisioning across Meraki MX gateways and MS switches. The module discovers your existing network topology, validates all inputs against live configuration, and applies only safe, conflict-free changes — reducing manual errors and deployment time.

Version	1.1
Integration	Meraki
Exchange Category	Cisco Verified

What It Configures

MX Gateway VLANs

Create new interface VLANs with IP addressing
Update existing VLAN subnet prefixes

MS Switch Ports

Configure trunk ports with native VLAN and specific allowed VLANs
Configure access ports for a specific VLAN

Combined

Apply both VLAN and switch port changes in a single workflow run

Built-in Safety Checks

This module performs topology discovery and input validation before any configuration changes are applied.

Subnet overlap detection
If any input subnet conflicts with an existing prefix on your MX gateway, the module blocks that specific configuration and surfaces an error message. Valid, non-conflicting inputs are still processed.

Port mode conflict alerts
If your input would change a trunk port to an access port (or vice versa), the module raises an alarm. This prevents accidental disruption to uplinks, inter-switch links, or ports serving multiple VLANs.

Input validation
Missing or malformed inputs are caught early with clear error messages. The module will not proceed with empty or invalid data.

Approval gate (beta)
An optional human approval step can be inserted before changes are executed.

Prerequisites

A Meraki organization with MX and/or MS devices
A configured Meraki API target in Workflows
Your Organization ID
The network name where your devices are onboarded

How to Run the Module

From the Meraki dashboard, go to Automation → Workspace → Workflows
Select Meraki VLAN Management by Boundless
Click Run
In the pop-up window, provide:
- Target: Your configured Meraki API target
- Organization ID (mandatory)
- Network Name (mandatory)
Optionally provide bulk input arrays (see Input Format below)
The module will discover your topology, validate inputs, and prompt you to select an operation

Input Format

Interface VLAN Array (optional)

Provide a JSON array of VLAN/subnet configurations for MX gateways:

[
  {
    "IPAddress": "192.168.100.1",
    "InterfaceID": "100",
    "InterfaceName": "vlan100",
    "SubnetPrefix": "192.168.100.1/24"
  },
  {
    "IPAddress": "192.168.200.1",
    "InterfaceID": "200",
    "InterfaceName": "vlan200",
    "SubnetPrefix": "192.168.200.1/24"
  }
]

Interface Port Array (optional)

Provide a JSON array of switch port configurations:

[
  {
    "SwitchName": "SW-Floor1",
    "InterfaceID": "12",
    "VlanID": "100",
    "NativeVlan": "1",
    "Mode": "access"
  },
  {
    "SwitchName": "SW-Floor1",
    "InterfaceID": "24",
    "VlanID": "100",
    "NativeVlan": "100",
    "Mode": "trunk"
  }
]

You can provide one or both arrays. If you provide neither, the module will inform you and exit gracefully.

Operation Modes

After topology discovery and validation, the module prompts you to select an operation:

Option (a) — VLAN + IP Configuration

Sub-option (a): Create new VLANs with IP addressing on MX gateways
Sub-option (b): Update existing VLAN subnet prefixes on MX gateways

Option (b) — Switch Port Configuration

If you provided an Interface Port Array: configures/updates ports based on your input
If you did not provide an array: configures ports based on topology neighbor discovery (beta)

Option (c) — Both

Runs VLAN configuration and switch port configuration in a single pass
Requires both input arrays to be provided

What Happens Behind the Scenes

Step 1: Topology Discovery
The module runs parallel discovery tasks to map your existing environment. It discovers all existing subnets on the MX gateway, all neighboring devices on switch interfaces, and the current configuration of all input interfaces within the target network.

Step 2: Input Evaluation
Python-based validation compares your inputs against the live state and categorizes each as:

Valid configs — Unique, non-conflicting inputs ready for deployment
Updatable configs — Existing VLANs/ports that can be safely updated
Invalid configs — Overlapping subnets or dangerous port changes that are blocked

Step 3: Execution
Only validated configurations are applied through dedicated sub-workflows for subnet creation, subnet updates, and port configuration.

Step 4: Reporting
Blocked items are surfaced with clear reasons explaining why they were not applied.

Error Messages

Scenario	Type	What Happens
Input subnet overlaps with existing prefix	Error	Configuration blocked for that VLAN; other valid VLANs still proceed
Changing access port to trunk (or vice versa)	Alarm	Configuration flagged as dangerous; not applied
Empty VLAN array when option (a) selected	Error	Module exits with clear message
Empty arrays when option (c) selected	Error	Module exits with clear message

Known Limitations (v1.1)

Runs on a single network per execution (multi-network planned)
Maximum of 10 network/interface inputs per run (~50 seconds execution)
Service-based port configuration (network/server/wireless ports) is in beta
Approval gate is in beta
Combined mode (option c) does not support topology-based port discovery

Roadmap

Multi-network and multi-organization support
Dynamic switch port configuration with expanded service types
Enhanced interactive prompts with more granular control
Cisco Catalyst switch support
Automatic SSID configuration for wireless port assignments
Increased input limits and faster execution

Did this answer your question?