MX Management Interface

RaphaelL
Kind of a big deal
Kind of a big deal

MX Management Interface

I was wondering if it is possible to configure a management interface on a MX without having to create a dedicated vlan.


Let me show an example :  We have a router , a MS switch and a MX. The management vlan is defined on the router and the MS as a management IP from that vlan ( lets say vlan 100 ). Is it possible to configure the MX to have an IP on that VLAN ? 

 

Only way I found to achieve this is my creating the same vlan on the MX and giving the ''appliance IP'' a different one than the router ( router as .1 and MX has .10 for example ). This is not really ideal. 

 

Thanks ! 

8 REPLIES 8
CptnCrnch
Kind of a big deal
Kind of a big deal

If you think about how management works for Meraki: does this really make sense?

 

We worked with dedicated management interfaces for ages, with an exclusive set of internal machines that were able to reach our devices.

“Nowadays“ with Meraki, management is completely performed from the outside, from the cloud even. That‘s what is completely different than the way things were handled before. Therefore (in my opinion) something like dedicated management interfaces don‘t make sense in this scenario.

RaphaelL
Kind of a big deal
Kind of a big deal

We are on the same page. But we have many cases that we need to configure the MX from the local page ( PPPoE ) which ( why ? ) can't be done from the dashboard

CptnCrnch
Kind of a big deal
Kind of a big deal

Well, even then you won‘t need a dedicated mgmt interface. Go to https://mx.meraki.com and log in with credentials (hopefully set within the cloud management). Or am I getting you completely wrong here?

RaphaelL
Kind of a big deal
Kind of a big deal

Well , maybe my first post wasn't 100% clear.

 

We have already set the creds within the cloud management and yes within the same subnet you can go to https://mx.meraki.com . But let's say the MX is installed in a remote site and https://mx.meraki.com  ( These URLs will work for any Cisco Meraki devices listed above, but will only access the first device in its path. ) so we have to reach it with an IP that is configured on the MX. To do so , you have to create a vlan interface and set an appliance IP. That IP will get you to the local page, but at the cost of creating a useless vlan interface.

 

This is how we are dealing with the local page for the moment.


@RaphaelL wrote:

Well , maybe my first post wasn't 100% clear.

 

We have already set the creds within the cloud management and yes within the same subnet you can go to https://mx.meraki.com . But let's say the MX is installed in a remote site and https://mx.meraki.com  ( These URLs will work for any Cisco Meraki devices listed above, but will only access the first device in its path. ) so we have to reach it with an IP that is configured on the MX. To do so , you have to create a vlan interface and set an appliance IP. That IP will get you to the local page, but at the cost of creating a useless vlan interface.

 

This is how we are dealing with the local page for the moment.


Have you attempted to access the local status page remotely (via its public IP)?  You can whitelist/allow your single public IP, access it, then remove it so nothing can access it again.

 

https://www.willette.works/remote-mx-local-status-page/

Nolan Herring | nolanwifi.com
TwitterLinkedIn

Well , long story , I'm fully aware that Meraki products do not fit us at all.

 

Also our 500-600 MX are all in configuration templates so the less we mess with it , the better. 

 

Thanks for the suggestions the public IP is always my last resort ( and I have used it in the past ). 

 

Preconfiguring our MX is always the best idea, but since we are a big company it's not always easy to keep track of everything.

 

I might close this thread since there is no way to configure a mgmt interface. Thanks !

PhilipDAth
Kind of a big deal
Kind of a big deal

>I was wondering if it is possible to configure a management interface on a MX without having to create a dedicated vlan.

 

No.

 

You can turn the local manage interface off all together once it is setup and running if you like.

https://documentation.meraki.com/zGeneral_Administration/Tools_and_Troubleshooting/Using_the_Cisco_M...

@RaphaelL  Meraki MX units are designed to have their inital setup done with the unit in front of you and then managed via the dashboard, that is the whole design premise of Meraki.

 

If you 100% require a management interface Meraki MX is not the product for you. 

 

You could always use the make a wish feature and reach out to your account manager.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels