Anyone know how to ADD a 3rd WAN IP on a MX 100 ??? **UPDATED w/Solution**

Solved
DouggieFresh
Here to help

Anyone know how to ADD a 3rd WAN IP on a MX 100 ??? **UPDATED w/Solution**

I have need of adding a 3rd WAN IP / I have 2 MX 100s in Passive/Hot-Spare mode. Our production is currently using Sonicwall  NSA 2600's ..which has no problem using up to 5 WAN IPs. but we are using 3.

 

We have 3 ISP connections

1 ATT fiber = Main (static)

1 Comcast Business = failover (static)

 

1 Comcast = Public WiFi (DHCP)

 

any viable work arounds for this???

 

TIA

 

Doug

1 Accepted Solution
MacuserJim
A model citizen

An MX would work to aggregate multiple WANs to a single connection for your primary MX. However there are devices out there designed for WAN link balancing where you can have multiple WAN connections go to it, then provide a single WAN connection to your firewall.

 

For example you could have 5 WAN connections go to the WAN link balancer, that would then provide a single connection for you to configure on your MX.

View solution in original post

8 Replies 8
MacuserJim
A model citizen

There isn't a way to configure 3 WAN uplinks on an MX, you would need something in front of the MX to aggregate the connections to a single connection for the MX.

PhilipDAth
Kind of a big deal
Kind of a big deal

@MacuserJim is correct.  You would need another MX in front of the first MX aggregating two of the WAN connections down to 1.

PhilipDAth
Kind of a big deal
Kind of a big deal

If you have Comcast Business do you really need Comcast WiFi?  The better option sounds like dropping one of those.

 

If you really want a non-cable backup solution then change to using a 4G dongle, which you can just plug into the MX USB port.

https://documentation.meraki.com/MX/Cellular/3G_-_4G_Cellular_Failover

DouggieFresh
Here to help

Currently the WiFI is routed through the CIsco Controller sending the Public SSID out the Comcast Public WAN (through the SonicWall) and the Campus WiFi SSID to the LAN/Default WAN (ATT)

 

We've been enjoying having the Public WiFI segmented physically independent to a 3rd ISP/WAN connection, but now

We have purchased 23 new Meraki APs and are limited to 2 WAN connections.

 

I heard there was a way to accomplish getting a 3rd WAN connection up and running w/o the USB/Cellular ..besides that is just not enough bandwidth for our users and the cost is prohibitive with 200+ connections.

 

SO what I think I'm hearing is that another MX is required ? Is there any documentation or can you advise on that configuration?

 

Thanks

Doug

MacuserJim
A model citizen

An MX would work to aggregate multiple WANs to a single connection for your primary MX. However there are devices out there designed for WAN link balancing where you can have multiple WAN connections go to it, then provide a single WAN connection to your firewall.

 

For example you could have 5 WAN connections go to the WAN link balancer, that would then provide a single connection for you to configure on your MX.

mmmmmmark
Building a reputation

I did exactly this with five ADSL connections into a pfSense box that had the firewall functionality all disabled so it was just routing/load balancing. Then it was connected as WAN2 into the MX. Worked well although it was just for failover if the primary WAN went down which I think happened once in 2 years.

DouggieFresh
Here to help

My Solution was to purchase a MX84 /

Create a separate network in my dashboard /

Create DHCP pool for VLAN on MX84

On the MX84  /Addressing & VLANs /Per-port VLAN Settings / Tag LAN port (to Core) with VLAN ID

Connect the MX84 to my Core MS425 Stack & tag the port to the SSID VLAN /  - and have my Public SSID tagged with the new VLAN ID.. BAM! Tag LAN port on MX84 to VLAN128Tag LAN port on MX84 to VLAN128Connect LAN port to COREMS425 w/tag 128Connect LAN port to COREMS425 w/tag 128Create DHCP pool on MX84Create DHCP pool on MX84Wireless SSID VLAN ID 128Wireless SSID VLAN ID 128

DennisS
Here to help

Hi DouggieFresh,

 

How's this solution been working for you ever since it was deployed?  You mentioned you needed to create a separate network for the MX84. Is that because you have different MX models in your existing network already and Meraki won't allow you to add a non-compatible model?

 

We're going to run into the same issue.  The network will have a pair of MX95 in HA mode with a primary & backup MPLS uplink to our data centers.  The challenge is, how do we accommodate an internet circuit for local internet egress...

Get notified when there are additional replies to this discussion.