Meraki

Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Connectivity / Bridging between 2 Meraki Org

Solved
amabt
Building a reputation
‎Jan 19 2022 11:35 PM
‎Jan 19 2022 11:35 PM

Connectivity / Bridging between 2 Meraki Org

We have 2 Meraki Org A & B  that we are trying to merger together over a long period. Our Data Centre DC1A (using an MX100)  in Org A has services that sites needs to access via VPN and not exposed to the Internet.

 

Our plan is to migrate site from Org A to Org B one by one (move hardware & licenses etc) and re-create the site over in Org B. Keeping down time to a minimal.

 

Sites from Org A will be recreated in Org B (lets call it network B1). However B1 still need to access DC1A until it is  moved over at the end of migration phrase.

 

What is the best and simplest option "bridge" B1 with DC1A (still in the old Org). How would you do this? Can it be done with only Meraki HW / VMXs in Azure or needing additional hardware?

 

Thanks

Labels:
0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 20 2022 11:13 AM
‎Jan 20 2022 11:13 AM

The easiest option is to put a second MX in DC1A from the second org.  Each uses AutoVPN to their own respective spokes.

 

Then add static routes in each MX for the other MX spokes routed via the other MX, and redistribute those static routes into AutoVPN.

 

Now all spokes and talk to all other spokes regardless of the Org they are in.

View solution in original post

5 Replies 5
DarrenOC
Kind of a big deal
Kind of a big deal
‎Jan 20 2022 12:46 AM
‎Jan 20 2022 12:46 AM

If you have MXs in each Org why not build a s2s VPN?  Once you have connectivity confirmed between your Orgs and Networks then build out your plan to migrate your Networks.

 

Meraki support will need to assist you with moving your licenses between the Orgs.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
0 Kudos
In response to DarrenOC
CptnCrnch
Kind of a big deal
Kind of a big deal
‎Jan 20 2022 12:51 AM
‎Jan 20 2022 12:51 AM

Meraki support will need to assist you with moving your licenses between the Orgs.

...if you're still on Co-Term licensing. Using PDL this can be accomplished by the admin himself.

 

I'd have supposed to using an 3rd Party VPN too, as AutoVPN can't be used in this scenario.

0 Kudos
In response to CptnCrnch
amabt
Building a reputation
‎Jan 22 2022 7:24 PM
‎Jan 22 2022 7:24 PM

We are on PDL and I've test moved devices and licenses so not an issue there.

 

3rd party VPN was one option suggested by Meraki support.

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 20 2022 11:13 AM
‎Jan 20 2022 11:13 AM

The easiest option is to put a second MX in DC1A from the second org.  Each uses AutoVPN to their own respective spokes.

 

Then add static routes in each MX for the other MX spokes routed via the other MX, and redistribute those static routes into AutoVPN.

 

Now all spokes and talk to all other spokes regardless of the Org they are in.

In response to PhilipDAth
amabt
Building a reputation
‎Jan 22 2022 7:23 PM
‎Jan 22 2022 7:23 PM

Thanks. This is effectively what we have settled on to test. We've put one of our spare MX (joined to Org B) in DC1A acting as a VPN Concentrator and then use static routes.

 

We are still testing this out fully.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.