Meraki

Community

IDS on Meraki MX in bridge mode and tagging traffic (trunk)

tonyavk
Here to help
‎Apr 22 2025 6:24 PM
‎Apr 22 2025 6:24 PM

IDS on Meraki MX in bridge mode and tagging traffic (trunk)

Hello Community! 

 

I have few internet uplinks that have own firewalls and sdwan cpe that needs public IP but I want to have more visibility on traffic and thinking to use Meraki MX with advance security license in bridge mode to have passive IDS.

I understand how it works in theory with one internet feed but is it possible to connect thought meraki multiple internet uplinks? 

 

It will be like: switch trunk port -- mx wan port -passive IDS- mx lan port -- switch with trunk mode. 

 

Will it work ? 

tonyavk_0-1745372506652.png

 

Labels:
0 Kudos
2 Replies 2
alemabrahao
Kind of a big deal
Kind of a big deal
‎Apr 23 2025 2:56 AM
‎Apr 23 2025 2:56 AM

It is not possible to configure the WAN interface in trunk mode.

So I'm afraid it won't work.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 23 2025 12:51 PM
‎Apr 23 2025 12:51 PM

https://documentation.meraki.com/MX/Networks_and_Routing/Passthrough_Mode_on_the_MX_Security_Applian...

 

"VLANs cannot be configured. The MX/Z1 will act as a bridge between the Internet and LAN ports"

 

"Tag the IP address configured on the WAN interface of the MXs in passthrough mode with the appropriate VLAN ID if the upstream port is expecting only tagged traffic."

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.