Meraki

Community

MX VPN One-armed Concentrator Mode - Layer3 switch needed?

whistleblower
Building a reputation
‎Apr 3 2020 1:34 PM
‎Apr 3 2020 1:34 PM

MX VPN One-armed Concentrator Mode - Layer3 switch needed?

Hi Guys,

when I look at the following network plan (https://meraki.cisco.com/lib/pdf/meraki_whitepaper_vpn_redundancy.pdf), I don't understand - why a Layer3 switch is used/necessary in this scenario? wouldn't it make more sense to "connect" the MXs from L3 perspecitve directly on the 3rd party firewall?

 

Unbenannt.PNG

 

Assuming the layer3 switch terminates the customer vlan`s /w ip-subnets you could also regulate this traffic on the FIrewall?!

 

I appreciate every opinion - thank you!

0 Kudos
2 Replies 2
cmr
Kind of a big deal
Kind of a big deal
‎Apr 3 2020 2:15 PM
‎Apr 3 2020 2:15 PM

You could use a firewall as the network core indeed, it is simply historically usual that you use a L3 switch at a site core for performance reasons. 

If my answer solves your problem please click Accept as Solution so others can benefit from it.
In response to cmr
whistleblower
Building a reputation
‎Apr 6 2020 12:18 AM
‎Apr 6 2020 12:18 AM

ok - thank you! But do you think that this would be dramatic in todays LAN`s as well?

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.