Meraki

Lukef · ‎May 2 2022

Hi Team,

We have a requirement where we need to make our azure vmx a default route so we can pass off the SD-WAN to another firewall appliance.

Just wondering if anyone has ever managed to get this to work. From the reading i have done others have this working happily in AWS but there is not much info doing this via Azure.

I have setup the environment, set the default route for the vmx to egress via our firewall appliance which is working fine and as i can see the vmx public ip is now the same as our firewall appliance.

The problem is as soon as i set the vmx as a default route for one of our test sites internet access drops at the test site on the sd-wan connected vlan.

I have done some packet captures on our firewall appliance and can see the traffic go out and come back in and get routed to the vmx. However on the vmx all i can see is retransmissions in the logs.

Have any of you managed to get this to work? thanks in advance.

Lukef · ‎May 3 2022

Any luck on this one guys, Have spoken with Meraki support and they are very vague and have no examples of this working but think it should work?

They mentioned contacting Azure support which I have done but not sure how far this will get.

PhilipDAth · ‎May 4 2022

If you do a packet capture on the VMX do you see the return traffic?

Any Azure firewall rules (network security group) that might be blocking the traffic?

Lukef · ‎May 9 2022

Hey Phillip, I resolved the issue. Not sure what it did but a redeployed my firewall in azure and it sorted itself.

All config was still the same but guessing something was wrong in the interface order or something.

I can confirm i have a working fortinet firewall with a Meraki behind it acting as a default route!!

thanks for your reply!

Meraki

Community

Azure Default route

Azure Default route