Meraki

Community

MX and No-NAT operation

General-Zod
Getting noticed
‎May 13 2019 5:19 PM
‎May 13 2019 5:19 PM

MX and No-NAT operation

Greetings

 

Has anyone out there had much experience in using the No-NAT feature in BETA release 15.x?

 

Are there known issues if you leverage this feature?

 

If issues arise I gather Meraki won't troubleshoot with you because it's BETA?

 

And the million dollar question, when will Meraki make 15.x a stable rls candidate? 3-6 months, 1 year?

 

I'm in a scenario where I "need" (Don't ask) to use a MX as a simple router, no NAT no ACL (ingress/egress) - there is another firewall in place which will reside off the MX's LAN interface. That firewall will be performing the NAT/Firewall function.

 

Thanks in-advance

0 Kudos
2 Replies 2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎May 13 2019 7:50 PM
‎May 13 2019 7:50 PM

>If issues arise I gather Meraki won't troubleshoot with you because it's BETA?

 

I can only share my experience with beta features.  Generally they will try and help, but if you run into something that is broken - then it is bad luck.

 

>And the million dollar question, when will Meraki make 15.x a stable rls candidate? 3-6 months, 1 year?

 

This is a wild guess.  I would say at least 12 months.  My personal impression is that we only get a stable release canidate change to a new major version once per year.

 

>I'm in a scenario where I "need" (Don't ask) to use a MX as a simple router, no NAT no ACL (ingress/egress) - there is another firewall in place which will reside off the MX's LAN interface. That firewall will be performing the NAT/Firewall function.

 

Have you considered using the MX in layer 2 mode?  It sounds so much simpler in your case ...

https://documentation.meraki.com/MX/Networks_and_Routing/Passthrough_Mode_on_the_MX_Security_Applian...

 

In response to PhilipDAth
General-Zod
Getting noticed
‎May 13 2019 8:03 PM
‎May 13 2019 8:03 PM

Thanks for your reply.

 

Passthrough mode is a no go as the carrier will _only_ supply a initial /30 public block per service. They will then route any additional space (in this case a /29) to the /30 CE. There are 2 x PAN's that are in HA that will consume the /29 for the WAN setup. So I'm looking at the MX WAN having the /30 and the LAN having the /29, so it must be routed mode.....sales people.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.