Meraki

Community

Changing Meraki MX to a 3-party firewall

Solved
garonson
Here to help
yesterday
yesterday

Changing Meraki MX to a 3-party firewall

Hi

 

I have a customer with with a existing Meraki network that has a Meraki MX as firewall and a lot of meraki layer-2 switches an AP's behind the firewall.

 

The customer have decided to change the firewall to a 3-party firewall(in this case a Fortigate FW) but would like to keep the meraki lay-2 equipment . 

 

If we open for all the access to meraki cloud through the new firewall for the layer-2 devices will we be able to see and manage the equipment? Will the layer-2 network keep configuration? What will we loose?

 

Best regards Goran Aronson

0 Kudos
1 Accepted Solution
In response to garonson
BlakeRichardson
Kind of a big deal
Kind of a big deal
6 hours ago
6 hours ago

@garonson  This will 100% work, one network I manage has MS, MV, MR and MT all sitting behind a Fortigate. As Darren mentioned just make sure that the required outgoing WAN rule allows the required ports. These can be found by logging into the dashboard and under the help menu and selecting firewall info.

 

Screenshot 2025-01-24 at 7.55.01 AM.png

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

View solution in original post

3 Replies 3
DarrenOC
Kind of a big deal
Kind of a big deal
15 hours ago
15 hours ago

Hi @garonson , this will work and is a pretty standard setup.  Ensure the Forti is configured to allow the required ports and IPs out to the Meraki cloud.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
In response to DarrenOC
garonson
Here to help
15 hours ago
15 hours ago

Thank you! I thought so but I have never done it! 

In response to garonson
BlakeRichardson
Kind of a big deal
Kind of a big deal
6 hours ago
6 hours ago

@garonson  This will 100% work, one network I manage has MS, MV, MR and MT all sitting behind a Fortigate. As Darren mentioned just make sure that the required outgoing WAN rule allows the required ports. These can be found by logging into the dashboard and under the help menu and selecting firewall info.

 

Screenshot 2025-01-24 at 7.55.01 AM.png

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2025 Cisco Systems, Inc.