Transition from the vMX100 to vMX-M (Actually being forced to transition due to EOL of the vMX100)

rhamersley
Getting noticed

Transition from the vMX100 to vMX-M (Actually being forced to transition due to EOL of the vMX100)

I think we all know by now that the vMX100 has an end of life date of 2027.   I was informed by our Meraki Sales Engineer that I would be able to extend the license.   Well, once I added our Co-Termination license last week we are now having a "License Required" error message now.   We have 30 days now to transition off the vMX-100 to the vMX-M.

 

I have scoured the knowledge base and internet for any clear and concise documentation and really non is to found....That is why I am posting hopefully to get some great feedback.

 

What is the best solution with "NO" downtime.

 

Option 1.  (I have heard horror stories regarding this option about companies being down)

Upgrade vMX100 - vMX-M 

Links I have found:

https://documentation.meraki.com/MX/Deployment_Guides/vMX100_to_vMX_S%2F%2FM%2F%2FL_Transition_FAQ

https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Amazon_Web_Services_(...

 

Option 2.  (Actually is more of a question)

Can I deploy the VMX-M in parallel with the vMX-100, without interrupting any current production with the VMX100?   Once the vMX-M is online and deployed can I then remove the vMX100?

 

Option 3.

Do not use the vMX at all and configure Meraki to AWS site-to-site VPN

https://ritcsec.wordpress.com/2018/08/12/a-visual-guide-to-setting-up-a-meraki-to-aws-site-to-site-v...

https://aws.amazon.com/quickstart/architecture/cisco-meraki-vmx/

https://www.ifm.net.nz/cookbooks/meraki-vpn-to-amazon-aws.html

 

I am sure there is alot of companies other than mine are currently going through this issue.

 

Looking forward to any assistant or feedback.

11 Replies 11
alemabrahao
Kind of a big deal
Kind of a big deal

I thonk It can help you:  https://documentation.meraki.com/MX/Other_Topics/MX_Cold_Swap_Replacing_an_Existing_MX_with_a_Differ...)

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

The link you provided is to replace a MX appliances not a vMX appliance for the cloud.   Would that be the exact same steps??

For sure. 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Your response does not make sense??   I asked if the link you provided me would be the exact same steps to replace a vMX100.    I do not think it would be.    

 

Your response was "Kind of a big deal for sure"??????

Nope, my response was for sure, you can follow the same steps. LoL. 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
RaphaelL
Kind of a big deal
Kind of a big deal

Kind of a big deal is the title next to @alemabrahao username.

 

His response is indeed : For sure.

rhamersley
Getting noticed

Could it be possible to not use the VMX100 altogether and set up a "Organization-wide settings" Non-Meraki VPN Peers?

 

I completely understand we will not get the same resilience and traffic engineering capabilities (SD-WAN, basically) that you get through deploying VMX in AWS and using AutoVPN (MX at both ends).

 

I can set this Peer directly into AWS Transit Gateway.

 

rhamersley_0-1678893896654.png

 

Can anyone comment on this?

 

PhilipDAth
Kind of a big deal
Kind of a big deal

Zero downtime - no.

 

You could create a new network in the dashboard, and put your new VMX into that.  Deploy it into your cloud environment, make sure everything comes online.

 

Then to cut over, remove the "Local networks" from the VMX100, and add them to the new VMX, and update the cloud routing table to point to your new VMX.

You shoul be able to cut over in 5 minutes.

Philip.   When I create the new network should I just clone the existing VMX100 network?  Or would that cause any issues with the current vXM100?

Just cone It, it's not for you to have any issues.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

I don't see why not.  When you initially clone it, AutoVPN will be off so that no harm will be caused.

 

Note that VMX deploy in routed mode by default.  You'll need to change it back to VPN concentrator mode BEFORE you deploy the new VMX into Amazon AWS.

Get notified when there are additional replies to this discussion.