Meraki

Community

Connecting an MX84 on WAN1 to a Private IP Address

Solved
mcoomber
Getting noticed
2 weeks ago
2 weeks ago

Connecting an MX84 on WAN1 to a Private IP Address

Hi all,

I'm trying to do something I'm not sure will work.

 

I've got an Internet service from a home network that issues IP addresses on the 192.168.x.x. 

I have an MX84 SDWAN connected to a different service provider with a public static IP Address. 

The Public Static IP address is configured on WAN2 on the SDWAN. All traffic currently flows through WAN2. 

Now I want to connect the home network to the SDWAN on WAN1 and then configure an SSID on the APs to have all Android, iPhones, and other OS transfer traffic through WAN1. 

 

Is this possible? 

 

When I connect the home network to WAN1 and configure it to get its IP from the home network, or when I configure it with a static IP, I get a status FAILED. 

 

0 Kudos
1 Accepted Solution
Mloraditch
Kind of a big deal
2 weeks ago
2 weeks ago

In theory this should work, but it sounds like something is blocking the connection.

You can check the upstream device against the Meraki firewall rules as documented here: https://documentation.meraki.com/General_Administration/Other_Topics/Upstream_Firewall_Rules_for_Clo...

Once you get that resolved, you can use Flow preferences to send traffic from the specific SSID out that WAN: https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen...
The traffic will need to be on a unique subnet.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

View solution in original post

8 Replies 8
Mloraditch
Kind of a big deal
2 weeks ago
2 weeks ago

In theory this should work, but it sounds like something is blocking the connection.

You can check the upstream device against the Meraki firewall rules as documented here: https://documentation.meraki.com/General_Administration/Other_Topics/Upstream_Firewall_Rules_for_Clo...

Once you get that resolved, you can use Flow preferences to send traffic from the specific SSID out that WAN: https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen...
The traffic will need to be on a unique subnet.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
In response to Mloraditch
mcoomber
Getting noticed
2 weeks ago
2 weeks ago

Thanks. I've got WAN1 to become active when I used dynamic IP instead of Static.

The IP on WAN1 uplink is 192.168.x.x.

Just one more question. 

I've configured the SSID to be OPEN while I do the test and the flow preference to allow traffic on 10.0.0.0/8 since I have configured the SSID to use Meraki AP assigned (NAT mode). 

It shows connected on the client devices but no Internet.

 

0 Kudos
In response to mcoomber
alemabrahao
Kind of a big deal
2 weeks ago
2 weeks ago

I think it won't work for NAT mode, since the traffic that goes out to the internet is from the AP's IP.

You will need to change to bridge mode.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
alemabrahao
Kind of a big deal
2 weeks ago
2 weeks ago

Check it out.

 

https://documentation.meraki.com/MR/Client_Addressing_and_Bridging/NAT_Mode_with_Meraki_DHCP

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to Mloraditch
mcoomber
Getting noticed
2 weeks ago
2 weeks ago

I just realised that the devices are not transmitting out that WAN. I created the subnet and assigned the meraki to issue out DHCP to that subnet. I then configured the SSID to use the VLAN ID tag associated with the subnet.  When I try to connect I get the message: Couldn't get IP address

0 Kudos
In response to mcoomber
alemabrahao
Kind of a big deal
2 weeks ago
2 weeks ago

I think it would be interesting to open a new discussion since this is a different issue.

Please provide more information and screenshots of the configurations you made and, if possible, a topology in the new discussion.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to alemabrahao
mcoomber
Getting noticed
2 weeks ago
2 weeks ago

I have opened a new discussion. Thanks for the advice. 

 

0 Kudos
alemabrahao
Kind of a big deal
2 weeks ago
2 weeks ago

Yes, it is.

 

https://documentation.meraki.com/MX/Other_Topics/Static_IP_Assignment

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.