We are refreshing our network with Meraki gear and I am in the planning stages of moving over all the firewall rules, VLAN information, etc. to a MX250. We have a point to point vlan connection to a branch office that is local to our corporate headquarters. On our current WatchGuard XTM 5 the port is configured as a trusted subnet. I am assuming on the MX250 I just need to configure the branch office subnet vlan along with the others (in Addressing & VLANs) and in the section below that (per Port VLAN configuration) configure a port for the branch office vlan?
@OSPF71Can you provide more information as to the point to point. Is is a layer 2 through the PTP private link to your branch office? everything is flat from MX/watchguard to that office or is there routing being done between the sites? If it is L2 like your post is semi-alluding to, your on the right path, if you have L3 your going to need some routes on the MX250. I also assume this site comes back through that private link to get to the internet/services?
@OSPF71Can you provide more information as to the point to point. Is is a layer 2 through the PTP private link to your branch office? everything is flat from MX/watchguard to that office or is there routing being done between the sites? If it is L2 like your post is semi-alluding to, your on the right path, if you have L3 your going to need some routes on the MX250. I also assume this site comes back through that private link to get to the internet/services?
Hi @DCooper. The Watchguard has the branch office VLAN configured on one of the interfaces and is directly connected to the branch via a Dell switch. After looking at the network information on the WG again under "Routes" I do see static routes for the subnets at the branch office (user, phone vlan's). Would I need to add those static routes under "Add a Static Route" on the Addressing & VLAN's section of the MX250?
