Meraki

Community

Transition from the vMX100 to vMX-M (Actually being forced to transition due to EOL of the vMX100)

rhamersley
Getting noticed
‎Mar 14 2023 12:10 PM
‎Mar 14 2023 12:10 PM

Transition from the vMX100 to vMX-M (Actually being forced to transition due to EOL of the vMX100)

I think we all know by now that the vMX100 has an end of life date of 2027.   I was informed by our Meraki Sales Engineer that I would be able to extend the license.   Well, once I added our Co-Termination license last week we are now having a "License Required" error message now.   We have 30 days now to transition off the vMX-100 to the vMX-M.

 

I have scoured the knowledge base and internet for any clear and concise documentation and really non is to found....That is why I am posting hopefully to get some great feedback.

 

What is the best solution with "NO" downtime.

 

Option 1.  (I have heard horror stories regarding this option about companies being down)

Upgrade vMX100 - vMX-M 

Links I have found:

https://documentation.meraki.com/MX/Deployment_Guides/vMX100_to_vMX_S%2F%2FM%2F%2FL_Transition_FAQ

https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Amazon_Web_Services_(...

 

Option 2.  (Actually is more of a question)

Can I deploy the VMX-M in parallel with the vMX-100, without interrupting any current production with the VMX100?   Once the vMX-M is online and deployed can I then remove the vMX100?

 

Option 3.

Do not use the vMX at all and configure Meraki to AWS site-to-site VPN

https://ritcsec.wordpress.com/2018/08/12/a-visual-guide-to-setting-up-a-meraki-to-aws-site-to-site-v...

https://aws.amazon.com/quickstart/architecture/cisco-meraki-vmx/

https://www.ifm.net.nz/cookbooks/meraki-vpn-to-amazon-aws.html

 

I am sure there is alot of companies other than mine are currently going through this issue.

 

Looking forward to any assistant or feedback.

Labels:
0 Kudos
11 Replies 11
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 14 2023 12:20 PM
‎Mar 14 2023 12:20 PM

I thonk It can help you:  https://documentation.meraki.com/MX/Other_Topics/MX_Cold_Swap_Replacing_an_Existing_MX_with_a_Differ...)

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
rhamersley
Getting noticed
‎Mar 15 2023 6:42 AM
‎Mar 15 2023 6:42 AM

The link you provided is to replace a MX appliances not a vMX appliance for the cloud.   Would that be the exact same steps??

0 Kudos
In response to rhamersley
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 15 2023 6:54 AM
‎Mar 15 2023 6:54 AM

For sure. 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
rhamersley
Getting noticed
‎Mar 15 2023 7:02 AM
‎Mar 15 2023 7:02 AM

Your response does not make sense??   I asked if the link you provided me would be the exact same steps to replace a vMX100.    I do not think it would be.    

 

Your response was "Kind of a big deal for sure"??????

0 Kudos
In response to rhamersley
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 15 2023 7:11 AM
‎Mar 15 2023 7:11 AM

Nope, my response was for sure, you can follow the same steps. LoL. 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to rhamersley
RaphaelL
Kind of a big deal
Kind of a big deal
‎Mar 15 2023 8:18 AM
‎Mar 15 2023 8:18 AM

Kind of a big deal is the title next to @alemabrahao username.

 

His response is indeed : For sure.

0 Kudos
rhamersley
Getting noticed
‎Mar 15 2023 8:27 AM
‎Mar 15 2023 8:27 AM

Could it be possible to not use the VMX100 altogether and set up a "Organization-wide settings" Non-Meraki VPN Peers?

 

I completely understand we will not get the same resilience and traffic engineering capabilities (SD-WAN, basically) that you get through deploying VMX in AWS and using AutoVPN (MX at both ends).

 

I can set this Peer directly into AWS Transit Gateway.

 

rhamersley_0-1678893896654.png

 

Can anyone comment on this?

 

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 15 2023 12:58 PM
‎Mar 15 2023 12:58 PM

Zero downtime - no.

 

You could create a new network in the dashboard, and put your new VMX into that.  Deploy it into your cloud environment, make sure everything comes online.

 

Then to cut over, remove the "Local networks" from the VMX100, and add them to the new VMX, and update the cloud routing table to point to your new VMX.

You shoul be able to cut over in 5 minutes.

In response to PhilipDAth
rhamersley
Getting noticed
‎Mar 20 2023 5:40 AM
‎Mar 20 2023 5:40 AM

Philip.   When I create the new network should I just clone the existing VMX100 network?  Or would that cause any issues with the current vXM100?

0 Kudos
In response to rhamersley
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 20 2023 5:48 AM
‎Mar 20 2023 5:48 AM

Just cone It, it's not for you to have any issues.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to rhamersley
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 20 2023 12:51 PM
‎Mar 20 2023 12:51 PM

I don't see why not.  When you initially clone it, AutoVPN will be off so that no harm will be caused.

 

Note that VMX deploy in routed mode by default.  You'll need to change it back to VPN concentrator mode BEFORE you deploy the new VMX into Amazon AWS.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.