Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

HA MX - Assign same ISP address to both MXs

Pizza
Comes here often
‎Mar 8 2023 6:07 AM
‎Mar 8 2023 6:07 AM

HA MX - Assign same ISP address to both MXs

Just curious if its possible to assign the same ISP address to WAN 1 of the primary MX and also the same IP on the WAN 2 of the Spare MX (HA)?

 

The WAN 1 interface on the spare MX will be the primary ISP which will allow access to the dashboard.

 

We only have a /30 for our primary ISP so I was wondering if it was possible to use the same WAN on both MXs. I'm assuming the spare unit will be communicating with the primary through our local switch using the MX uplink IPs.  

0 Kudos
Subscribe
3 Replies 3
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 8 2023 6:10 AM
‎Mar 8 2023 6:10 AM

Unfortunately not. Maybe with NATed IP.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Subscribe
KarstenI
Kind of a big deal
Kind of a big deal
‎Mar 8 2023 7:30 AM
‎Mar 8 2023 7:30 AM

As already mentioned, no! My typical workarounds are (from most to least preferred):

  1. Get a /29 from the ISP. ISPs do a lot for money, even giving larger subnets.
  2. Use the second MX as a cold spare.
  3. Place a router in-front of the MXes. The router does NAT/PAT and both MXes are using a shared private IP network with the router. This will insert an additional single-point of failure which should als be considered. By default this also introduces double NAT which will generally work but I would consider it a bad design. The double NAT can be avoided by NAT-Excemption on the MX, but you lose some probably important features.
  4. And I forgot one option: Some ISPs provide the option to provide the private IPs to devices and do the NAT/PAT on a dedicated interface or VLAN. This is similar to the option three, but without the additional single-point-of-failure. And also the double NAT can often not be avoided.
0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 8 2023 11:36 AM
‎Mar 8 2023 11:36 AM

You could also consider putting a celluar data connection on the second MX, so if you lost the primary wired connection it would fail over to the spare MX and the cellular connection.

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.