I have need of adding a 3rd WAN IP / I have 2 MX 100s in Passive/Hot-Spare mode. Our production is currently using Sonicwall NSA 2600's ..which has no problem using up to 5 WAN IPs. but we are using 3.
We have 3 ISP connections
1 ATT fiber = Main (static)
1 Comcast Business = failover (static)
1 Comcast = Public WiFi (DHCP)
any viable work arounds for this???
TIA
Doug
Solved! Go to solution.
An MX would work to aggregate multiple WANs to a single connection for your primary MX. However there are devices out there designed for WAN link balancing where you can have multiple WAN connections go to it, then provide a single WAN connection to your firewall.
For example you could have 5 WAN connections go to the WAN link balancer, that would then provide a single connection for you to configure on your MX.
There isn't a way to configure 3 WAN uplinks on an MX, you would need something in front of the MX to aggregate the connections to a single connection for the MX.
@MacuserJim is correct. You would need another MX in front of the first MX aggregating two of the WAN connections down to 1.
If you have Comcast Business do you really need Comcast WiFi? The better option sounds like dropping one of those.
If you really want a non-cable backup solution then change to using a 4G dongle, which you can just plug into the MX USB port.
https://documentation.meraki.com/MX/Cellular/3G_-_4G_Cellular_Failover
Currently the WiFI is routed through the CIsco Controller sending the Public SSID out the Comcast Public WAN (through the SonicWall) and the Campus WiFi SSID to the LAN/Default WAN (ATT)
We've been enjoying having the Public WiFI segmented physically independent to a 3rd ISP/WAN connection, but now
We have purchased 23 new Meraki APs and are limited to 2 WAN connections.
I heard there was a way to accomplish getting a 3rd WAN connection up and running w/o the USB/Cellular ..besides that is just not enough bandwidth for our users and the cost is prohibitive with 200+ connections.
SO what I think I'm hearing is that another MX is required ? Is there any documentation or can you advise on that configuration?
Thanks
Doug
An MX would work to aggregate multiple WANs to a single connection for your primary MX. However there are devices out there designed for WAN link balancing where you can have multiple WAN connections go to it, then provide a single WAN connection to your firewall.
For example you could have 5 WAN connections go to the WAN link balancer, that would then provide a single connection for you to configure on your MX.
I did exactly this with five ADSL connections into a pfSense box that had the firewall functionality all disabled so it was just routing/load balancing. Then it was connected as WAN2 into the MX. Worked well although it was just for failover if the primary WAN went down which I think happened once in 2 years.
My Solution was to purchase a MX84 /
Create a separate network in my dashboard /
Create DHCP pool for VLAN on MX84
On the MX84 /Addressing & VLANs /Per-port VLAN Settings / Tag LAN port (to Core) with VLAN ID
Connect the MX84 to my Core MS425 Stack & tag the port to the SSID VLAN / - and have my Public SSID tagged with the new VLAN ID.. BAM!
Hi DouggieFresh,
How's this solution been working for you ever since it was deployed? You mentioned you needed to create a separate network for the MX84. Is that because you have different MX models in your existing network already and Meraki won't allow you to add a non-compatible model?
We're going to run into the same issue. The network will have a pair of MX95 in HA mode with a primary & backup MPLS uplink to our data centers. The challenge is, how do we accommodate an internet circuit for local internet egress...