I will setup two Netowrks in the same organization and thinking of doing the LAN config as follows:
MX1
LAN Segment 10.175.255.136/29
MX IP 10.175.255.138
MX2
LA Segment 10.175.255.136/29
MX IP 10.175.255.139
Am I right?
Solved! Go to solution.
Yes, you can re-use the existing VLAN (and setup the ports on your switch the same), and yes, just use a new free IP address such as 10.175.255.139.
What are you trying to accomplish? In most setups the same LAN shares the two WANs load balanced. You can set an internet preference if something LAN side needs to stick to a certain LAN interface.
Hi Adam, what I’m trying to do is to connect the MX2 to my CORE
Currently MX1 is connected to the Core with the values I showed in my post.
My Core switch has an Interface VLAN with IP Address 10.175.255.136/29 and two ports of the MX1 are connected to it. That segment is part of a OSPF.
I don’t know if I need to create another Interface VLAN for MX 2 and the segment that I’m creating added to the current OSPF.
MX2 needs to be part of a different organization than MX1 but should have the same accesses.
Let me know if this is a little bit clear or is more confusing.
thanks
If you mean two MX's, rather then two networks, and you mean warm spare mode - then the two MXs share the same IP address.
https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair
@PhilipDAth wrote:If you mean two MX's, rather then two networks, and you mean warm spare mode - then the two MXs share the same IP address.
https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair
And you only need one MX license, saves you some money.
The MX's need different IPs so each of them can communicate with the cloud. If you have a third IP address available, the MX's can share a Virtual IP (VIP) so then network's public IP (and incoming connections) don't change in a failover situation.
I would configure it like this:
LAN Segment 10.175.255.136/29
MX1 IP 10.175.255.138
MX2 IP 10.175.255.139
VIP 10.175.255.140
I still don't clearly understand what you are trying to do. Could you attach a diagram (even something hand drawn and take a photo of it)?
Are you MX's in VPN concentrator mode perhaps?
Hi PhilipDAth
Let me try to explain myself again.
Currently MX1 is up and running it has IP segment 10.175.255.136/29 and the LAN IP address 10.175.255.138 interface 1 and 2 are connected to my CORE Switch connected to interface VLAN 2102, here is the configuration of the VLAN 2102 at the CORE:
interface Vlan2102
no shutdown
ip address 10.175.255.137/29
ip router ospf 1 area 0.0.0.1
Now I want to connect to my CORE a new MX (MX2) also connecting Interface 1 and 2 in the MX to the CORE, my question is for this new MX can I assign IP segment 10.175.255.136/29 LAN IP 10.175.255.139 and setup the ports in VLAN 2102 same as MX1 or do I need to create a new Interface VLAN and add that to the OSPF that I have
MX1 belongs to a different organization and I will setup MX2 to a new organization.
Also MX1 it is setup as a Hub for site-to-site VPN and I will setup MX2 the same way
MX1 and MX2 will have different Public IP Addresses
I'm also adding a hand writing diagram:
Yes, you can re-use the existing VLAN (and setup the ports on your switch the same), and yes, just use a new free IP address such as 10.175.255.139.
Perfect. Thank you!