Meraki

Community

Deploying Azure vMX to replace existing basic Sku IP vMX

Stone5731
New here
3 weeks ago
3 weeks ago

Deploying Azure vMX to replace existing basic Sku IP vMX

Hello All,

I'm new to the community but, we've been using Meraki MX appliances for the last 9 years This is the first time I've needed to reach out in desperation.

 

Our current Azure vMX that's been in place since 20222 was setup with a basic SKU public IP. Azure is retiring basic SKU IPs on 9/30/2025 and requiring that you upgrade to standard SKU IPs. We attempted to upgrade the IP by following the steps provided by MSFT with no success due to the VM being a MSFT managed device. We've been instructed to redeploy the vMX with a standard SKU IP. We have done this and followed the steps to open the necessary port in the NSG to connect to the Meraki dashboard but sad to say No JOY! Has anyone been successful with this process or experiencing the same issues? The clock is ticking, and I'd hate to have service interruptions come 9/30 as our site-to-site tunnel goes down. Thank you for taking the time to read this post and appreciate any feedback. 

Labels:
0 Kudos
5 Replies 5
Stone5731
New here
3 weeks ago
3 weeks ago

Actually, I see that someone has posted something about this and was able to get their deployment working. I'm going to try what they suggested and hopefully I'm successful as well. 

0 Kudos
Mloraditch
Kind of a big deal
Kind of a big deal
3 weeks ago
3 weeks ago

I think you are referring to this post, https://community.meraki.com/t5/Security-SD-WAN/vMX-Public-IP-SKU-change-from-Basic-to-Standard-Azur... where I and the OP have successfully made the update.

Hopefully that helps!

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
In response to Mloraditch
Stone5731
New here
3 weeks ago
3 weeks ago

I'm assuming that you had to enable the NSG after the upgrade, do you recall what inbound/outbound rules you used to connect to the Meraki dashboard?

0 Kudos
In response to Stone5731
Mloraditch
Kind of a big deal
Kind of a big deal
3 weeks ago
3 weeks ago

No I did not. You would need to add the NSG if you have client or 3rd party VPN enabled.

I can say I do new deployments in NAT mode and at that point I allow everything inbound as the MX is a regular firewall at that point but if it was just a concentrator and it's doing client vpn or third party vpn, I'd be limiting to the appropriate ports.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
In response to Mloraditch
Stone5731
New here
3 weeks ago
3 weeks ago

Thank you for providing that information. 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
© 2025 Cisco Systems, Inc.