Meraki

Community

MX 105 WAN ports

Solved
iores
Here to help
4 weeks ago
4 weeks ago

MX 105 WAN ports

Hi,

 

As per datasheet, MX 105 supports 4 WAN ports (2x SFP+, 2x 2.5 GB RJ45). Only two WAN ports can be active at the same time.

 

I need to use both SFP+ ports to connect the appliance to two MPLS cloud.

 

Can I use somehow 2.5GB ports to connect the appliance to the upstream L3 switch or will I need to use LAN ports for that instead?

Labels:
0 Kudos
1 Accepted Solution
ww
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

No, The ports are dedicated wan ports.

Also the ports get disabled when you are using sfp port 1 and 2, only 1 more could be available as wan backup link

https://documentation.meraki.com/MX/MultiWAN_Backup_Uplink

View solution in original post

14 Replies 14
ww
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

No, The ports are dedicated wan ports.

Also the ports get disabled when you are using sfp port 1 and 2, only 1 more could be available as wan backup link

https://documentation.meraki.com/MX/MultiWAN_Backup_Uplink

iores
Here to help
4 weeks ago
4 weeks ago

I have just seen that MX 105 supports 10G LAN port.

 

However, I have additional question - if hub MX is connected to two MPLS clouds for connecting to other spoke MXs for AutoVPN purposes, and uses WAN interfaces for this, does this mean that the hub MX needs to get to internet/Meraki Dashboard only via WAN ports or it can get to it via 10G LAN port towards upstream L3 switch?

0 Kudos
In response to iores
ww
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

Not sure if this answers your question:  but all wan interfaces need reachability to the meraki cloud https://documentation.meraki.com/General_Administration/Other_Topics/Upstream_Firewall_Rules_for_Clo...

 

You could still use other default routes  for the vpn overlay, or local  routed lan subnets

0 Kudos
In response to ww
iores
Here to help
4 weeks ago
4 weeks ago

Not sure I understand you. All spokes will go to internet via hub. Hub will not be directly connected to ISP but will have L3 link with the upstream L3 switch. So one WAN port I plan to connect to Metro Ethernet cloud to connect with other spoke sites. The second WAN port I plan to connect with upstream L3 switch which is connected to ISP. Would this be correct?

0 Kudos
In response to iores
alemabrahao
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

Yes,you can do this. Take a look at the recommended topology.

 

https://documentation.meraki.com/Architectures_and_Best_Practices/Recommended_Topologies/MX_and_MS_B...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to iores
alemabrahao
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

Just remember, as mentioned, to communicate with the Meraki cloud the link must be able to access the internet. If your Metro link will not serve this purpose you will not be able to use it.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
In response to iores
cmr
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

I've done this before, but with the hub MX in single ended concentrator mode.  The topology at the hub site is MPLS -> L3 switch -> MX with the L3 switch also having the edge firewalls for the hub (additional to the single ended MX) plugged into it.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
In response to cmr
iores
Here to help
4 weeks ago
4 weeks ago

Why in concentrator and not in routed mode? I have read that concentrator mode should be avoided because you loose (1) flow preferences, and (2) backup WAN circuit. The article I have read is from 2017 so I don't know if this still is valid as of today 

0 Kudos
cmr
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

The WAN needs to be able to get to the internet, as my MPLS circuits didn't have internet access, it was the only choice.  It also allows as many WAN links as you like, we had two MPLS networks and two internet lines with Auto VPN connections coming in to the hub over all four lines.  You can prioritise from the remote end and it worked well for us.

 

The new team that came in tried to replace it, but realised it was set up as it was for the best availability and performance, so let it alone.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
In response to cmr
iores
Here to help
4 weeks ago
4 weeks ago

Not sure I understood you. Your hub was connected only to MPLS? How did it get to internet?

 

Why it didn't worked with routed mode?

0 Kudos
In response to iores
alemabrahao
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

Take a look at the documentation.

 

https://documentation.meraki.com/MX/Deployment_Guides/MPLS_Failover_to_Meraki_Auto_VPN

 

https://documentation.meraki.com/MX/Networks_and_Routing/Integrating_an_MPLS_Connection_on_the_MX_LA...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to iores
cmr
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

There is a L3 switch core at the hub site.  The MPLS networks terminate on that.  The internet connections terminate on a separate firewall and the LAN side of the firewalls terminates on the L3 switch core.  The MX then also connects WAN1 to the L3 switch core.

 

Therefore it can 'see' the internet and the MPLS networks and connect AutoVPNs over any and all of them.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
In response to cmr
iores
Here to help
4 weeks ago
4 weeks ago

How did you managed to have connection to MPLS and internet via only WAN1 port? Was the WAN1 port in the same subnet as firewall LAN side and MPLS side?

0 Kudos
In response to iores
ww
Kind of a big deal
Kind of a big deal
4 weeks ago
4 weeks ago

https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Site-to-site_VPN_over_MPLS

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.