MX MPLS to SD-WAN Migration

Brash
Kind of a big deal
Kind of a big deal

MX MPLS to SD-WAN Migration

I'm migrating a remote site from full tunnel MPLS to internet only split-tunnel SD-WAN.

Currently, the site has a Cisco 800 that sits as the network gateway and routes all network traffic to the ISP router (via a /30) and onto the MPLS tunnel

 

I would like to stage the migration by bringing the MX up to replace the Cisco router as the gateway to the existing MPLS WAN, and then once the ISP has provisioned the internet connection, switch over to the internet connection and utilise Auto-VPN.

By that time I'll have also setup the concentrator at the primary site.

 

I'm thinking through the process and have settled on two options:

 - Switch the MX to No-NAT routed mode with MPLS connected on the WAN port. Then for migration, replace the MPLS connection with the internet connection (on the WAN port) and enable NAT on the MX.

 - Bring up the MX in NAT routed mode with the MPLS connection on a LAN port and add a static route for all network traffic to route there. Then for migration, connect the internet connection to the WAN port, remove the static route and remove the MPLS LAN port connection.

 

My question is, would either/both of these options work, and will there be less pain with one over the other?

1 Reply 1
Brash
Kind of a big deal
Kind of a big deal

In case anyone stumbles across this and it helps them, I opted for option 1.

 

I opened a case with Meraki support who enabled the No-NAT feature very quickly.

I then configured the appropriate static IP on the MX in pre-staging.

Then during deployment, all that was required was literally moving an Ethernet cable from the existing router to the MX.

 

When we do the final phase of moving away from MPLS, I'll re-enable NAT, fix up the WAN IP and configure the SD-WAN tunnel with DIA.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels