DMZ

Solved
Flat4vw
Conversationalist

DMZ

Hello first time poster been lurking.

 

I have read the documentation for creating a DMZ and it s fairly simple but the document goes into ACL and other items  I will not be doing. 

 

My setup is such, MX100 at the HQ runs everything. Behind that is a mx65 that we use in the lab. This had been working flawless until we move one of our applications to the vendors cloud that require a non meraki vpn. We have several sites around out state that are spokes to the MX100. We use the autovpn a ton. All of the sites connect to the non meraki vpn just fine. Except the lab (this also setup to be a spoke) because it uses the same public ip that the mx100 uses to connect  the HQ to the vendor. It caused a double vpn to the vendor and it just caused issues. 

 

Someone mention to use a free port on the mx100 create the dmz vlan and plug it in. Since its a spoke it should connect to the autovpn and it should be able to connect to the non meraki vpn. 

Is it as simple as the above?

 

Thank you

1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal

The DMZ sounds like an easy fix.  Another option is to get a dedicated cheap Internet circuit for the lab, making it more like a real site.

View solution in original post

2 Replies 2
alemabrahao
Kind of a big deal

Well, I'm not sure. If it's just for a Lab I think you can try.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
PhilipDAth
Kind of a big deal
Kind of a big deal

The DMZ sounds like an easy fix.  Another option is to get a dedicated cheap Internet circuit for the lab, making it more like a real site.

Get notified when there are additional replies to this discussion.