@Mloraditch 

Thanks for the info. I'll check out those models. 

The switch's management uplink would connect to our internal core switch? Are there any security concerns with that? 

@Mloraditch 

I think we need three SFP+ ports on a switch; one for the fiber into the switch from the ISP's DIA, then one to each of the Meraki MX95s. If I'm sticking with your MS130 recommendation, would the switch I'd need be MS130-24X-HW? 

Would this be the topology? (blue = gigabit RJ45, orange = 10g fiber)

I have an RJ45 port on the MS130 going to a LAN port on each MX for management. I figured I could create a vlan on the MX95s that wouldn't go inside, and would just provide internet access to the MS130 so it could get to the Meraki dashboard. 

That switch appears to be more expensive that what I had in mind. Anything cheaper you are aware of? 

I'm going to take a different strategy.

Ask the ISP performing the upgrade whether they can provide a pair of SFP+ ports in a bridge configuration to connect the primary and backup firewalls.  It will be easier for you if they take this on.

If they are not keen, ask them what they would charge to provide this service.

Otherwise, I think the MS130-24X is the lowest spec Meraki switch that has 4 SFP+ ports (you need three ports).

https://documentation.meraki.com/Switching/MS_-_Switches/Product_Information/Overviews_and_Datasheet...

Also, do you have a 10Gbe connection between the MX95 and your 6509?

Hello @PhilipDAth 

The ISP has provided quotes for both single and dual hand off. While architecturally preferable, the dual hand off increases the cost per month significantly. I'm trying to make sure I have all the info when I go to my superiors with the options. Example; they'd probably want to know if we could save $200 a month for 3yrs by employing a switch. 

I do not currently have 10Gbe connections between the MX95s and the 6509. But there are ports available on all hardware. I assume, dual or single hand off, moving to these connections would be a requirement of going above 1Gbe. 

@Mloraditch 

"oh duh" moment. I did not realize the MX95's RJ45 WAN ports where 2.5Gbe. The cost of the MS130-8X-HW is much more palatable. So looking at this architecture now. Thoughts? 

@Mloraditch A follow up question to that too. For the MS130-8X-HW, do I need the enterprise or advance license? 

@Mloraditch @PhilipDAth 

Thank you both for your help. 

This might work, but it only has two SFP+ ports, but it does have 4 - 10GB multi-gigabit copper ports.

And this switch can be managed by the Meraki dashboard with the latest IOS-XE firmware.

Of course the UPoE would be completely wasted...