cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MX and No-NAT operation

Getting noticed

MX and No-NAT operation

Greetings

 

Has anyone out there had much experience in using the No-NAT feature in BETA release 15.x?

 

Are there known issues if you leverage this feature?

 

If issues arise I gather Meraki won't troubleshoot with you because it's BETA?

 

And the million dollar question, when will Meraki make 15.x a stable rls candidate? 3-6 months, 1 year?

 

I'm in a scenario where I "need" (Don't ask) to use a MX as a simple router, no NAT no ACL (ingress/egress) - there is another firewall in place which will reside off the MX's LAN interface. That firewall will be performing the NAT/Firewall function.

 

Thanks in-advance

2 REPLIES 2
Kind of a big deal

Re: MX and No-NAT operation

>If issues arise I gather Meraki won't troubleshoot with you because it's BETA?

 

I can only share my experience with beta features.  Generally they will try and help, but if you run into something that is broken - then it is bad luck.

 

>And the million dollar question, when will Meraki make 15.x a stable rls candidate? 3-6 months, 1 year?

 

This is a wild guess.  I would say at least 12 months.  My personal impression is that we only get a stable release canidate change to a new major version once per year.

 

>I'm in a scenario where I "need" (Don't ask) to use a MX as a simple router, no NAT no ACL (ingress/egress) - there is another firewall in place which will reside off the MX's LAN interface. That firewall will be performing the NAT/Firewall function.

 

Have you considered using the MX in layer 2 mode?  It sounds so much simpler in your case ...

https://documentation.meraki.com/MX/Networks_and_Routing/Passthrough_Mode_on_the_MX_Security_Applian...

 

Highlighted
Getting noticed

Re: MX and No-NAT operation

Thanks for your reply.

 

Passthrough mode is a no go as the carrier will _only_ supply a initial /30 public block per service. They will then route any additional space (in this case a /29) to the /30 CE. There are 2 x PAN's that are in HA that will consume the /29 for the WAN setup. So I'm looking at the MX WAN having the /30 and the LAN having the /29, so it must be routed mode.....sales people.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.