ASA to Meraki Migration

SOLVED
lsantiago
Here to help

ASA to Meraki Migration

Hi All, 

I am migrating 4 ASA's to Meraki. 2 MX84 and 2 MX68 for small branchesMeraki3.PNG

1. How i can put Meraki side by side so i can slow migrate 

2. vlans living on my 3750 Core how i can advertise "routing, add static route or add vlans?

 

 

 

 

 

 

 

 

1 ACCEPTED SOLUTION

>ip default-gateway 192.168.7.X  OR

>ip route 0.0.0.0 0.0.0.0 192.168.7.x  

 

If your 3750 is acting as a client, and not doing routing, it should be the first approach.  If the 3750 is being used for layer 3 routing then it should be the second.

 

Almost certainly you should be using the second approach ("ip route ...). If you change the default gateway you'll need to also remove the original static route on the 3750.

 

View solution in original post

9 REPLIES 9
PhilipDAth
Kind of a big deal
Kind of a big deal

Perhaps plug the MX's into the "Link Balancer" and the core switch.  Then just change the routing on your core switches to direct traffic at either the ASA or MX as you desire.

 

You probably wont want to other with dynamic routing in this case.  Site 1 has a supernet of 192.168.0.0/20 and site 2 has a supernet of 192.168.16.0/21.  You will probably end up with only half a dozen static routes.

i have an ELFIQ link balancer ans is not very friendly 

whats the proper way to change the gateway

 

ip default-gateway 192.168.7.X  OR

 

ip route 0.0.0.0 0.0.0.0 192.168.7.x    

Adam
Kind of a big deal

On the MX or on the ASA?  MX is all GUI. 

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.

on my 3750 Cisco core to change from one FW to the other 

>ip default-gateway 192.168.7.X  OR

>ip route 0.0.0.0 0.0.0.0 192.168.7.x  

 

If your 3750 is acting as a client, and not doing routing, it should be the first approach.  If the 3750 is being used for layer 3 routing then it should be the second.

 

Almost certainly you should be using the second approach ("ip route ...). If you change the default gateway you'll need to also remove the original static route on the 3750.

 

Adam
Kind of a big deal

Agreed I usually go the iproute method but you may want to test routing something small first before the default route. 

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Adam
Kind of a big deal

We did this and had to give the MX an IP in the same VLAN and then gradually switched the L3 routes to point to the MX IP instead of the ASA IP.  

 

Note MX will need an upstream connection to the internet(s) and a downstream connection to your core switch so the routes can find the MX.  I'm also assuming your L3 routes live on the core switches.  If they live on the ASAs it could make this more complex.  

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
lsantiago
Here to help

Here is another question. Do i need to create static routes for all my vlans on my Core and spoke locations

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels