Meraki

Community

MX passtrough mode

VanDerTuch
Here to help
‎Mar 17 2023 5:03 AM
‎Mar 17 2023 5:03 AM

MX passtrough mode

Hello Guys, maybe somebody can help me.

I want to use on my MX67W passtrough mode, but it works really strange.

My topology isquite standard. In company is Mikrotik router and behind him switches and vlans. I cant change topology of swithces and do chcnges there.

But we want to do same security features in network, like IPS/IDS and visibility of network. Therefore i want to add meraki MX between router and core switch in passtrough mode. Router >> MX >> Switch.

I dont know which port to use, or how it works, If I use Meraki WAN port like upstream to Router, and LAN port to Switch, everything works, but there is terrible speeds(troughput in network), like 7-9 Mbs, Dashboard is ok, connection to dashboard working, security works...but speed problem.

Therefore I have tried to use LAN port to upstream router and lan port to downstream switch.In this topology, speeds were normal, like expected, but Dashoard was inreacheble(no management IP address, which i understand).

So i have tried 3rd option.

Where i have used MX lan port to router, mx lan port to downstream switch and WAN port to upstream router as management port. In this config is problem as well. Because of RSTP. Everytime if i connect second link to upsteram router(LAN and WAN), it will create LOOP and one port is blocking.(even if i chose different vlan IP)

Is here somebody who know how it works? I dont know physical connection of MX passtrough. In standard devices should be like two lan ports and some management IP, but in meraki id does not work like that...

I am really confused about it.

Thanks for any advice.

Juraj.passtrough.PNG

Labels:
0 Kudos
8 Replies 8
alemabrahao
Kind of a big deal
‎Mar 17 2023 5:08 AM
‎Mar 17 2023 5:08 AM

Maybe It can help you:  https://documentation.meraki.com/MX/Networks_and_Routing/MX_Addressing_and_VLANs#Addressing&VLANs-Pa...

 

https://documentation.meraki.com/MX/Networks_and_Routing/Passthrough_Mode_on_the_MX_Security_Applian...

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
VanDerTuch
Here to help
‎Mar 17 2023 5:41 AM
‎Mar 17 2023 5:41 AM

Tnaks for reaction, but there is not information. I have seen it before. Only that act as layer 2 bridge, but not about physical port which to use and what is proper topology. In topology where i use wan port and lan port, it works, but speeds are terrible.

0 Kudos
In response to VanDerTuch
alemabrahao
Kind of a big deal
‎Mar 17 2023 5:44 AM
‎Mar 17 2023 5:44 AM

And how about this one?

 

https://documentation.meraki.com/MX/Deployment_Guides/VPN_Concentrator_Deployment_Guide

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
VanDerTuch
Here to help
‎Mar 17 2023 6:11 AM
‎Mar 17 2023 6:11 AM

Thanks, but no. There is about VPN concentrator, I need Passtrough deployment in details. Which port to use as uplink and which as downlink and so on. Problem is WAN port, which is needed for connecton to dashboard, but if i use WAN, then speeds are terrible(probably not swich chip there?)

pass.PNG

 

0 Kudos
In response to VanDerTuch
alemabrahao
Kind of a big deal
‎Mar 17 2023 6:18 AM
‎Mar 17 2023 6:18 AM

The port used will be the same on both modes.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to VanDerTuch
alemabrahao
Kind of a big deal
‎Mar 17 2023 6:20 AM
‎Mar 17 2023 6:20 AM

By the way, what version are you running? Have you checked it with the Meraki team support?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
ww
Kind of a big deal
Kind of a big deal
‎Mar 17 2023 8:30 AM
‎Mar 17 2023 8:30 AM

Option 1 should work.

Make sure the wan port on both side negotiate to 1Gbfd.

Also make sure there no traffic shaping limits on the mx

In response to ww
VanDerTuch
Here to help
‎Mar 17 2023 12:54 PM
‎Mar 17 2023 12:54 PM

Yes, solution 1 is right. In passtrough mode, Upstream link is WAN port and downstream is one of LAN port. My problem was previous config(In route mode), In SDWAN part i set up my real VDSL speeds of wan link(40down, 6up) and after i have changed it to passtrough mode. But i forgot about that. So problem was this part. This settings of wan port are moved to passtrough mode also, there must be unlimited. 

Thanks for advice.ahsda.PNG

Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.