We're about to deploy 125+/- MX devices to replace Brand X firewalls. In several locations we have a Cisco 2811 (ancient we know) behind the firewall using up to 4 VLANs. One of those subnets is on the inside of the firewall and the rest are inside the router. We have routes on the firewall to those other VLANs.
Our topology will be
MX450 HA pair
With the MX65 networks using a template I can't put routes on the individual network so am I right that the routes will have to go on the MX450s with the next hop being the single subnet on the MX65W?
For the most part they are little more than switches now. Most of our voice is SIP now. We're deploying quickly without making other changes since our support contract just expired with Brand X. As well there are other dependencies we'd have to resolve before eliminating the 2811s and letting the MX handle the VLAN.