How do we handle Guest wireless traffic on Merak MX (MX84)? With ASA you can create a NAT rule that allows you to keep your Guest traffic on a separate WAN IP than your CORP traffic. It looks like this is not a function on the MX yet. What can we do to separate this traffic?
Solved! Go to Solution.
That's not possible on an MX I'm afraid. As you're not using the second uplink atm... couldn't you connect the second port to the same provider device with the second IP address?
I assume your guest traffic is on a separate VLAN and subnet. With flow preferences you can specify which uplink their traffic needs to take:
Thanks for the reply,
There is only 1 uplink with multiple available IP addresses. Let's say that x.x.x.1/29 is the IP for CORP traffic, I want x.x.x.2/29 to be what we use for Guest traffic. We whitelist the CORP IP on AWS, so I don't want users on Guest network to have the same access as CORP. This is how the ASA is currently configured without issue.
That's not possible on an MX I'm afraid. As you're not using the second uplink atm... couldn't you connect the second port to the same provider device with the second IP address?
Thanks, Yes I should be able to.
got it Thanks!