MX in a separate network from other devices

Solved
NJacobe
Getting noticed

MX in a separate network from other devices

We have a 90% Meraki environment with the exception of a couple of tele gateways. All the switches, aps, and cameras are Meraki.

 

  For some reason when we first setup our MX600 we were advised to put the appliance in it's own network even though its in the data center with other devices. 

 

  It's all been working but has made troubleshooting more challenging. 

 

  Is there a reason we need to keep them separate or can I combine it with the other network that its physically connected it?  

 

 We have 5 buildings each with its own network, which makes sense, but the MX being its own (making 6 total networks) is confusing. 

 

Thanks! 

1 Accepted Solution
SoCalRacer
Kind of a big deal

You can move it. I would say possibly the recommendation was made because there was another security device in the main network. You can only have one primary MX in each network.

View solution in original post

6 Replies 6
SoCalRacer
Kind of a big deal

You can move it. I would say possibly the recommendation was made because there was another security device in the main network. You can only have one primary MX in each network.

NJacobe
Getting noticed

That was the first MX we setup so there was no other appliance in play. We did add a 100 to another network but were told to join that one. There is a site-to-site vpn setup between them but I dont expect that to break.

Not sure why it was kept separate. Any other Gotchas before I combine them?
SoCalRacer
Kind of a big deal

I would contact support to have them help review your settings before doing it. There could be some gotchas but your org isn't super flat/simple so I would always recommend a second set of eyes

cmr
Kind of a big deal
Kind of a big deal

When we tried to rename the network where our core MX is, it not only dropped the whole VPN for a few minutes, but the network name reverted...  So I'd be very careful and contact support as @SoCalRacer said.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
NJacobe
Getting noticed

As an update.

 

  Combining the MX didn't break anything. I did need to change how the devices are tracked to by MAC address. By IP caused issues but nothing major.

 

  Thanks for the advice everyone.

cmr
Kind of a big deal
Kind of a big deal

Excellent, glad it went well 👍

If my answer solves your problem please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels