I have two MX100 devices I want to setup for NAT-HA. In the dashboard when I go to the "configure warm spare" button, it will not allow me to enter the serial number of either device. Thus I can not configure a warm spare.
The devices are setup according to the following documentation
https://documentation.meraki.com/MX-Z/Deployment_Guides/NAT_Mode_Warm_Spare_(NAT_HA)
Direct Connected
Please advise.
Thanks
Solved! Go to solution.
Remove one of the devices from a network. Then you can add it back to the a network that already has an MX into it and form the warm spare.
From memory, I normally just go to the inventory, select the second MX and add it to the same network as the primary and it adds it as a warm spare. Pehaps give that a try.
Agreed, we're assuming the 2nd MX has been claimed and is already in your Dashboard inventory? If so, you should certainly be able to add it as a warm spare, either from the Appliance Status page or the way @PhilipDAth mentioned. If still not working, I'd check with Support.
I think my problem is that the devices have been registered as separate networks. I'm configuring them for a client and they made separate networks for each device.
Remove one of the devices from a network. Then you can add it back to the a network that already has an MX into it and form the warm spare.
Another thing that confused me the 1st time I set some of these up as warm spare is that they don't explicitly say that the inside ports should be trunk ports. My customer wanted to use different ports on the MX for different VLANS going to his network but we were never able to get the units to be redundant that way.
You need 3 IP addresses on the outside but only 1 for each VLAN on the inside and then put a trunk between and trunks into your internal network.
Perhaps in the future Meraki can figure out a way to have an active / active with VRRP on the inside.
each MX needs to be able to see the other MX on each VLAN (the MX runs VRRP between each internal layer 3 interface). You can use access interfaces to achieve this if you like, but trunk interfaces tend to be more efficient on ports when there are more than just a handful of VLANs. There is also nothing to stop you using both trunk and access interfaces at the same time, as needs may require.
have you considered stacking them instead? I was told by a Cisco employee not to use the warm spare feature, never got the reason though but I guess it is just it was (is?) not mature enough.
You might be thinking of switches.
You can't stack MX units.
sorry, I was definitely thinking of switches yes.