MX support for non-connected networks?

JacobNP
Conversationalist

MX support for non-connected networks?

Hi Folks,

 

Been doing some digging and trying to find if the MX firewalls support non-connected networks like the ASA/FTD devices do. Provider gear is giving us a /30 to interface with but also a /28 that im assuming they are using as a secondary IP/subnet on the same interface based on the review of the existing firewall configuration.

 

The ASA supports this with the following command: arp permit-nonconnected

 

Thanks,

 

Jacob

2 REPLIES 2
ww
Kind of a big deal
Kind of a big deal
JacobNP
Conversationalist

Re: MX support for non-connected networks?

Thanks for the link. Sounds like we should be good with the MX then since we would be using NAT xlates for that secondary subnet. As long as the MX will answer the ARP requests from the provider we should be fine.

 

I just didnt want to rely on  the ISP to change their configuration to accommodate us. Since worst case i could look at having the remove the secondary configuration on their interface so its not seen as "connected" and instead have them actually put in a route statement to our MX for the secondary range.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.