I have an MX84. ISP has provided multiple static public IP addresses.
I have WAN1 connected to the modem/gateway from ISP. All traffic bypasses modem/gateway, into MX85 through WAN1.
Is it possible to configure WAN2 with a second static public IP and have specific clients flow through WAN2?
The goal is the following: 3rd party compliance vendor wants to isolate specific web traffic.
Thanks!
Hi @RGN - this configuration is indeed possible. Under SD-WAN and Traffic Shaping look for flow preferences. Here you can configure your source and destination (including ports) and specify which WAN port to traverse.
Refer the documentation.
Thank you for the info. Using the link provided by @alemabrahao my layout looks like this:
I only have path going in and out provided by ISP. Still doable???
Yes, but keep in mind that it is the same ISP, if any type of failure occurs you will be left without access anyway. So I don't see any advantage in configuring the second link with the same ISP, it would make much more sense if you had a different ISP.
For sure, having a second ISP would be the key factor, but limited at the moment. Fiber from ISP, existing equipment from ISP doesn't provide an extra WAN/Internet port from their equipment. Focus is more on isolating web traffic versus having redundancy with two ISP's.
I got it, and yes you definitely can try this way.
Thank you, will share feedback later on.
>The goal is the following: 3rd party compliance vendor wants to isolate specific web traffic.
Check your compliance requirements - but if you need separation, you might need a separate MX appliance for reporting and auditing purposes.
Summary on my results:
From ISP into an unmanaged switch.
From the unmanaged switch, one patch cable to WAN1, second patch cable to WAN2 on Meraki.
Each WAN with a static IP provided by ISP.
Designated a specific VLAN for WAN2 by way of traffic flow rules.
Thank you all for the help and advice!