OverviewQuick StartUser InterfaceFAQLogicMonitor LogicModulesSupportSQL QueriesSyncing With MerakiMeraki EstateAdministratorsAP SSIDsAppliance VLANsChange HistoryClient HistoryClientsConfig TemplatesDevice HistoryDevicesFloor PlansNetworksNetwork EventsOrganizationsPortsSensor DataVPN PeersWAN UsageWireless FailuresAdminMac VendorsOrganizations
Meraki DataMagic - Appliance VLANs
Meraki appliances, particularly the MX Security and SD-WAN Appliances, use VLANs (Virtual Local Area Networks) primarily for network segmentation and routing.
The Appliance VLANs page shows details for all Appliance VLANs.
The information can be searched, filtered, sorted, viewed, and downloaded.
About Appliance VLANs
Meraki Appliance VLANs and how they are handled is described as follows:
- Network Segmentation: VLANs allow you to divide a single physical network into multiple isolated logical networks (broadcast domains). This is useful for separating traffic (e.g., corporate data, guest Wi-Fi, VOIP phones, servers) for security, performance, and management
- VLAN
Interface/Gateway: When VLANs are enabled on a Meraki MX appliance (in
Routed Mode), the appliance acts as the Layer 3 gateway (router) for
each configured VLAN/subnet.
For each VLAN, you define a VLAN ID (a number between 1 and 4094), a Subnet (in CIDR notation, e.g., 192.168.10.0/24), and an MX IP (the appliance's IP address on that VLAN, which serves as the default gateway for devices in that VLAN). - Inter-VLAN Routing: Because the MX is the router for each VLAN, it handles the routing of traffic between different VLANs (Inter-VLAN routing) by default. You can then use the MX's Layer 3 firewall rules to control or restrict which VLANs can communicate with each other.
- DHCP Service: The Meraki MX can run a DHCP server for each VLAN, assigning IP addresses to devices connected to that specific segment.
- Port Configuration: The LAN ports on the Meraki appliance are configured to handle VLAN traffic as either:
- Trunk Ports: Used to connect to other networking gear (like Meraki or third-party switches) and can carry traffic for multiple VLANs by tagging the frames (802.1Q). You also define a Native VLAN for untagged traffic.
- Access Ports: Used to connect to an end-device or a switch port that only needs to communicate on a single, specific VLAN. All traffic on this port is treated as belonging to that one VLAN.
Table definition
| Name | Type | Description |
|---|---|---|
| Id | uuid | Unique identifier for the entity record |
| InterfaceId | character varying(64) | Unique internal interface identifier for this VLAN |
| Name | character varying(64) | Human-readable name assigned to the VLAN |
| NetworkId | uuid | Foreign key reference to the Network that contains this VLAN |
| ApplianceIp | character varying(20) | IP address of the appliance interface for this VLAN |
| Cidr | character varying(20) | CIDR notation for the VLAN subnet |
| Subnet | character varying(20) | Subnet address for this VLAN |
| GroupPolicyId | character varying(20) | Group policy identifier applied to this VLAN |
| FixedIpAssignments | jsonb | JSON document containing fixed IP address assignments for specific devices |
| ReservedIpRanges | jsonb | JSON document containing IP address ranges reserved from DHCP allocation |
| DnsNameServers | character varying(64) | DNS server addresses for clients on this VLAN |
| DhcpHandling | text | DHCP handling mode (Meraki DHCP server, DHCP relay, etc.) |
| DhcpLeaseTime | text | DHCP lease time duration for IP address assignments |
| DhcpBootOptionsEnabled | boolean | Indicates whether DHCP boot options are enabled for PXE boot |
| DhcpBootNextServer | text | Next server IP address for DHCP PXE boot options |
| DhcpBootFilename | text | Boot filename for DHCP PXE boot options |
| DhcpOptions | jsonb | JSON document containing custom DHCP options and their values |
| DhcpRelayServerIps | text | Comma-separated list of DHCP relay server IP addresses |
| TemplateVlanType | text | VLAN type when used in a configuration template |
| Mask | integer | Subnet mask length in CIDR format |
| MandatoryDhcp | text | Mandatory DHCP setting that enforces DHCP-assigned IPs only |
| Ipv6 | jsonb | JSON document containing IPv6 configuration settings |
| VpnNatSubnet | text | VPN NAT subnet configuration for this VLAN |
| Created | timestamp with time zone | Timestamp when the record was initially created in the system |
| LastModified | timestamp with time zone | Timestamp when the record was last modified or updated |
| VlanId | integer | VLAN identifier number for network segmentation |
