Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MX HA to Vendor LAN

MJHogan
Just browsing
‎May 25 2022 8:36 AM
‎May 25 2022 8:36 AM

MX HA to Vendor LAN

Is it possible to configure a MX84 with HA and IPS to directly connect to our vendors LAN without using a VPN? We share the same physical space, but our networks and infrastructure are completely separate. We only need to access a couple of business applications on their side. I'm assuming we would treat them as if they were an ISP, but I feel I'm missing something?

 

Any help will be appreciated.

 

Thanks,

0 Kudos
Subscribe
2 Replies 2
ww
Kind of a big deal
Kind of a big deal
‎May 25 2022 9:58 AM
‎May 25 2022 9:58 AM

Would use a transit subnet/vlan on the lan side and then set static routes. IPS  also work between vlans.  make sure to get firewall rules in place to allow only necessary traffic sourcing from your side, deny incoming from there IP's

 

If they where behind the wan interface you have challenges like default route-flow preferences, nat,  and you need internet connection on that interface

0 Kudos
Subscribe
MJHogan
Just browsing
‎May 25 2022 12:11 PM
‎May 25 2022 12:11 PM

Just so I'm asking correctly, We are basically wanting to configure the environment like the second example in this Meraki document 

 

https://documentation.meraki.com/MX/Networks_and_Routing/Passthrough_Mode_on_the_MX_Security_Applian...

 

Except, instead of going out to the Internet, we will be going into our Vendor's router and have a second MX as a spare. I assume one of Internet ports on the MX will be used for the Vendor router and the other will go into our LAN, which will have access to the Internet.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.