Meraki

Community

MX operating in HA and Firewall 2xFPR1120-NGFW-K9 for Any connect/encryption suites and features

SuhasKawale
Comes here often
‎Feb 15 2022 4:46 AM
‎Feb 15 2022 4:46 AM

MX operating in HA and Firewall 2xFPR1120-NGFW-K9 for Any connect/encryption suites and features

What's the recommended way to cable and configure 2x MX75/85 operating in HA and Firewall 2xFPR1120-NGFW-K9 for Any connect/encryption suites and features like posturing, etc capabilities? Any design recommendation please. 

0 Kudos
5 Replies 5
KarstenI
Kind of a big deal
Kind of a big deal
‎Feb 15 2022 7:22 AM
‎Feb 15 2022 7:22 AM

I typically tut them parallel to each other:

  • the MXes have direct WAN connection
  • The VPN-Gateways have direct WAN-Connection
  • LAN of both of them is in the same Transfer-Network which also connects the L3 Core-Switch
If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
In response to KarstenI
SuhasKawale
Comes here often
‎Feb 16 2022 3:25 AM
‎Feb 16 2022 3:25 AM

Thanks Karsten.

 

Could you please provide design for this for your expectations?

0 Kudos
In response to SuhasKawale
KarstenI
Kind of a big deal
Kind of a big deal
‎Feb 16 2022 3:41 AM
‎Feb 16 2022 3:41 AM

Obviously I don't have a design for your environment. But any questions on what needs to be done to build a system like this?

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
In response to KarstenI
SuhasKawale
Comes here often
‎Feb 16 2022 3:48 AM
‎Feb 16 2022 3:48 AM

So assuming as per your previous reply that design would be like primary MX85 will have primary WAN connection and secondary MX85 will have secondary WAN connection below MX 85s 2xFPR1120-NGFW-K9 and below that MS core switches and below that access MS switch along with MR access points as I am looking for SD WAN perspective??

0 Kudos
In response to SuhasKawale
KarstenI
Kind of a big deal
Kind of a big deal
‎Feb 16 2022 5:14 AM
‎Feb 16 2022 5:14 AM

What do you mean with below? Behind? I would typically put all four WAN ports (2*MX, 2*FTD) directly on the internet. All four LAN ports are in the LAN connected to your MS.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.