Meraki

Community

MX HA WARM SPARE P2P ISP ADDRESS

Solved
shlomoi
Getting noticed
‎Jan 3 2024 2:53 PM
‎Jan 3 2024 2:53 PM

MX HA WARM SPARE P2P ISP ADDRESS

Hi,

We recently purchased 2 MX units and some MS switches and wireless units. I am interested in connecting the MX in HA or WARM SPARE. The problem is that my ISP  gives me one exit port from the modem and P2P addresses between us. I try to connect through my MS switches but the WARM SPARE does not synchronize, I have a small drawing of the network (until I create everything in Visio). Did I connect correctly? It should work with a P2P address? Is there another better configuration?

 

ISP address 5.29.116.169/31  

MX address 5.29.116.168/31

 

shlomoi_0-1704322308673.png

 

 

Thanks

0 Kudos
1 Accepted Solution
In response to shlomoi
Ryan_Miles
Meraki Employee
Meraki Employee
‎Jan 3 2024 3:28 PM
‎Jan 3 2024 3:28 PM

As mentioned MX HA requires unique WAN IPs and reachability to dashboard from each MX.

 

So you could get multiple IPs from one provider and connect each MX to the provider equipment or use multiple providers with one IP from each and each connected to only one MX. Either way supports HA.

 

Of course with the second example of two providers only connecting individually to each MX you cannot use a virtual IP for the WAN interface(s). And failover isn't as seamless as failing from the primary to spare MX would mean a new WAN IP is in use.

Ryan

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

View solution in original post

0 Kudos
5 Replies 5
Ryan_Miles
Meraki Employee
Meraki Employee
‎Jan 3 2024 3:02 PM
‎Jan 3 2024 3:02 PM

Each MX in a HA configuration requires a unique WAN IP. It appears your ISP needs to give you more IPs if they only allow it to work like that with P2P IPs instead of just handing out private IPs on the inside LAN of that modem.

Ryan

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
In response to Ryan_Miles
shlomoi
Getting noticed
‎Jan 3 2024 3:16 PM
‎Jan 3 2024 3:16 PM

So in this way the HA will not work. Do I need more IP addresses? If I purchase another line And connect each line to the MX, the HA will work ?

 

Thanks 

0 Kudos
In response to shlomoi
Ryan_Miles
Meraki Employee
Meraki Employee
‎Jan 3 2024 3:28 PM
‎Jan 3 2024 3:28 PM

As mentioned MX HA requires unique WAN IPs and reachability to dashboard from each MX.

 

So you could get multiple IPs from one provider and connect each MX to the provider equipment or use multiple providers with one IP from each and each connected to only one MX. Either way supports HA.

 

Of course with the second example of two providers only connecting individually to each MX you cannot use a virtual IP for the WAN interface(s). And failover isn't as seamless as failing from the primary to spare MX would mean a new WAN IP is in use.

Ryan

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
In response to Ryan_Miles
shlomoi
Getting noticed
‎Jan 4 2024 12:32 PM
‎Jan 4 2024 12:32 PM

Hi,

Thanks for your help, but I want to understand something else, we have another branch with a similar network configuration with FORTI equipment and everything works, the FORTI is connected in HA  ACTIVE  PASSIVE. The MX doesn't know how to work in a similar way to FORTI?

 

Thanks

0 Kudos
In response to shlomoi
cmr
Kind of a big deal
Kind of a big deal
‎Jan 4 2024 1:09 PM
‎Jan 4 2024 1:09 PM

@shlomoi different vendors use different HA methods.  Meraki need at least two IPs, one for each device, on the WAN side.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.