Meraki

Community

Challenge MX Architecture

Solved
krisaraujo
Comes here often
‎Apr 25 2025 8:24 AM
‎Apr 25 2025 8:24 AM

Challenge MX Architecture

How to address all these requirements in one MX appliance model for a central site:

- (03) three WAN links support

- 1.200 count users

- SD-WAN hub and spoke 2 branches offices

- 1,000,000 concurrent connections

 

Someone could help me ? vMX-Large would be a choice? In doubt about (03) three WAN links support...

 

We are competing directly with Fortinet (Fortigate 100F).

Thanks in advance.

0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 28 2025 12:59 PM
‎Apr 28 2025 12:59 PM

I think I would tackle this a different way, using a failover pair of MX450s.  I know I would like redundancy for a solution that supports 1200 users.  Note that you don't have to buy a licence for the second MX450 when it is used as a warm spare.

 

Plug the two main circuits into the primary MX.  Plug the third circuit into the standby MX.  The third circuit will only be used if the two primary circuits have both failed or if the primary MX has failed.

 

Note that only the MX450 and above can handle 1,000,000 sessions (search for the word sessions in this document).

https://documentation.meraki.com/MX/MX_Sizing_Information/MX_Sizing_Principles

 

View solution in original post

0 Kudos
6 Replies 6
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 25 2025 9:03 AM
‎Apr 25 2025 9:03 AM

Based on your requirements, the MX105 model would be suitable option.

 

MultiWAN Backup Uplink - Cisco Meraki Documentation

 

But there are some considerations you have to think about, for example, you will have 3 links, but one of them will only work as a backup, while the other two can work as active ones.

Another question is if you have mapped other requirements? such as the need to configure source NAT, or configure GRE tunnels, since MX does not support these features.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 25 2025 9:06 AM
‎Apr 25 2025 9:06 AM

Here is the datasheet for the model mentioned, but it would be interesting to work with a Meraki sales architect to discuss all the requirements with you.

 

https://documentation.meraki.com/MX/MX_Overviews_and_Specifications/MX95%2F%2F105_Datasheet

 

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 25 2025 9:39 AM
‎Apr 25 2025 9:39 AM

I just saw that you need support for 1,200 clients.

With this specification, no model that supports 3 WAN links will meet your needs. The larger boxes will meet the number of users, but they won't have 3 WAN links.

In other words, no model will meet your needs for these specifications.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
RMP-Topher
Here to help
‎Apr 26 2025 5:21 AM
‎Apr 26 2025 5:21 AM

We run 2000+ users a minute through MX250's.  We have them configured in HA pair.  This allows for 2 connections to the one DIA circuit with graceful failover to the second circuit and auto-failover to the second machine.  The HA pairing option only requires one license.  With these options a third circuit shouldn't be necessary.  However, the local page configuration does allow for port type change, which may allow you 3 circuits.  

0 Kudos
cmr
Kind of a big deal
Kind of a big deal
‎Apr 26 2025 12:47 PM
‎Apr 26 2025 12:47 PM

You can use 3 circuits on an MX250, but only two can be active.  Primary MX250 has carrier A and B, secondary MX has carrier A and C.  C will only be active if the primary MX fails, B will not be active if the primary MX fails.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 28 2025 12:59 PM
‎Apr 28 2025 12:59 PM

I think I would tackle this a different way, using a failover pair of MX450s.  I know I would like redundancy for a solution that supports 1200 users.  Note that you don't have to buy a licence for the second MX450 when it is used as a warm spare.

 

Plug the two main circuits into the primary MX.  Plug the third circuit into the standby MX.  The third circuit will only be used if the two primary circuits have both failed or if the primary MX has failed.

 

Note that only the MX450 and above can handle 1,000,000 sessions (search for the word sessions in this document).

https://documentation.meraki.com/MX/MX_Sizing_Information/MX_Sizing_Principles

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.