Routing public traffic through an MX

Neshi
Conversationalist

Routing public traffic through an MX

Good day all,

 

Does anybody know if the ability to route public IPs through an MX is on the road map of features the devs are working on.

 

Thanks Matt

7 REPLIES 7
AlexJ
Conversationalist

+1 on this feature. Had an issue where I had to have a subnet behind a local router on my LAN behind pair of MX600s, but 1:1 nat with double nat was causing FTP issues... extending a public IP to LAN would have really helped!
Dashboard_DJ
Meraki Alumni (Retired)
Meraki Alumni (Retired)

No-NAT on an MX WAN interface is something I would expect to see available for beta in the next 6 months or so. This would enable CPE functionality but disable the default NAT behavior on one or more of the WAN uplinks. Essentially turning it into a routed interface.

 

eBGP support in NAT mode (name-change perhaps?) is where the Meraki team would like to get to. That would enable more seamless branch MPLS SD-WAN support but No--NAT is a prerequisite. 

 

Stay tuned. 😉

Just bumping this one - any news on this feature?  We have a few clients where we're having to use ASAs where a MX would do, just because we can't have a public routed subnet with no NAT...

+1 Bump! Would love to be able to route a subnet through a WAN interface. Especially in environments running pure MPLS.

Progress is promising, but the limitation of removing on of the already limited 2 wan interfaces is challenging. Would be nice if this could be implemented as a Third interface or similar non-impacting our standard interfaces. Specific to our needs, we frequently have Hospitality clients with event space who like to deploy their own routers in meeting spaces behind our lan and being able to quickly put them on a non-nated public IP without bridging our WAN/LAN is extremely valuable.

benny
Getting noticed

Thanks for the reply AlexJ! 

 

I'm about 10% through converting our MPLS sites onto MX's. Our data traffic tunnels back to concentrators in our DC's while our Voice traffic is NAT'd out to the WAN interface where our MPLS provider picks up the traffic and routes it back to their SBC's and media gate ways. 

 

Initially when the handsets were being NAT'd we had call dropouts and missed calls back to the handset, something I believe was occurring due to NAT timeouts or ageing. Currently I have setup a 1:1 NAT for every handset with its internal IP being the same as the external IP. This seems to have resolved the issue.

 

Can you see any issues running 1:1NAT with the same public address as the private address? 

 

IE Handset uses the following 1:1 rule

 

Public IP: 10.125.0.101

LAN IP: 10.125.0.101

Allowed inbound: any any any

Any updates from the inside?

Get notified when there are additional replies to this discussion.