Meraki

JPScolar · ‎Sep 16 2023

As per the Meraki documentation, I can extend the VPN to to Azure while providing high availability as per the attached picture.

If understand correctly I will need an separate VNET for the vMXs, a virtual Firewall (here I'm assuming it will be a Azure virtual FW) and the Virtual WAN Hub. The vMX will be medium size.

What could be the ballpark recurrent and non-recurrent costs to set this up?
Does each vMX needs a separate FW. Meraki documentation mentions the vMXs must be in different regions. (two different concentrators, if the first one fails, the hbrenches will route traffic through the other VPN concentrator and not a active/stand-by high-availability mode).

Thank you

Juan-Carlos Perez

alemabrahao · ‎Sep 16 2023

Ideally, you should contact your Meraki sales representative.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

PhilipDAth · ‎Sep 17 2023

>If understand correctly I will need an separate VNET for the vMXs,

A separate subnet is sufficient.

>a virtual Firewall (here I'm assuming it will be a Azure virtual FW)

I haven't seen anyone else Azure Firewall for this. Everyone uses network security grounds.

Is your Azure spread across multiple regions? Another simple option is to just put one (or two) VMXs into each region.

Meraki

Community

Extendind the VPN to Azure - vMX + Azure Virtual Firewal + Azure Virtual WAN Hub

Extendind the VPN to Azure - vMX + Azure Virtual Firewal + Azure Virtual WAN Hub