Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

MX100 Hub migration to vMX's in Azure

J_Donegan
New here
a week ago
a week ago

MX100 Hub migration to vMX's in Azure

Hello,

 

We have a current MX100 Hub at our HQ site with a list of static routes listed.

One of those static routes is for our Azure LAN traffic.When one our branch site users needs to access an Azure hosted server it needs to come back to our HQ site(via Express Routes) first to learn the routes.

We have introduced 2 new Azure hosted vMXs using BGP. These new vMXs have been added to each branch site hub setup.

What is the best approach to remove the MX100 from the setup and get all traffic to contact the new primary vMX to learn the routes etc.

MX100 Hub static routes

J_Donegan_0-1718872239187.png

Branch Network Hub setup

J_Donegan_1-1718872343140.png

 

 

Labels:
0 Kudos
Subscribe
3 Replies 3
rhbirkelund
Kind of a big deal
a week ago
a week ago

The fact that you've already added the two new vMX's to the Branches mean that each branch has already learned the vMX sites and their Local Networks.

You should be able to verify it by checking the branch route tables.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
0 Kudos
Subscribe
In response to rhbirkelund
J_Donegan
New here
a week ago
a week ago

When we tried removing the MX100 routes which is the same as excluding it. 
The branch traffic wasn’t able to find the routes of the Azure servers. 
we feel we need to advertise the routes on the VMx hubs but these are only vpn concentrators. 
Not sure what our next move should be. 

0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
a week ago
a week ago

Change these to disable.

PhilipDAth_0-1718923357647.png

 

Make sure the branches still show a route to the azure subnets but via the VMXs.  Make sure Azure has a return route for the branch via one of the VMXs.

 

Site to site VPN firewall rules are stateful for a single VMX and not across VMX - so be careful if you use these.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.