Meraki

Community

MX105 vs MX250 in 2024, specifically for VPN concentrator use?

Solved
AlexG
Getting noticed
‎Sep 20 2024 7:29 AM
‎Sep 20 2024 7:29 AM

MX105 vs MX250 in 2024, specifically for VPN concentrator use?

Hey everyone,

 

Looking for some advice here. We've got about 350 MX's using an MX600 today as a VPN concentrator (hub). It's basically there to facilitate routing and we don't have any security policies setup as that's handled via Palo Alto's. There's a relatively small amount of traffic traversing this - 50GB/day - with even less expected in the next couple of months as it will essentially turn into SNMP/syslog monitoring traffic only. The MX600 has been complete overkill for us, and I presume we could get away with an MX105. Though possible, I'm not expecting growth to surpass 500 MX's connecting in the next 3 years. We do use active-active AutoVPN with dual uplinks at all sites, but I'm not opposed to turning that back off.

 

From my perspective, the MX250 was released in 2017 and the MX105 in 2021, so it would make sense that the MX105 has a newer architecture and would likely be supported for a longer period of time. Does anyone have any experience with a similar scenario and relatively recently purchased devices?

 

Thanks!

Labels:
0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 20 2024 2:21 PM
‎Sep 20 2024 2:21 PM

What a good question.  You need support for 1,000 VPN tunnels (minimum 700 for "right now").  Only look at the "Recommended" count, not the maximum.

https://documentation.meraki.com/MX/MX_Sizing_Information/MX_Sizing_Principles#Number_of_VPN_Tunnels

 

PhilipDAth_0-1726866918697.png

 

If we take a look at the Meraki "Product End-of-Life (EOL) Policy":
https://meraki.cisco.com/meraki-support/policies/

It says that:
"Cisco Meraki typically provides support for a given product for a period of five (5) years after the EOS date."

 

EOS has not been announced for the MX250.  So you could reasonably expect a minimum of 5 years of life left.

 

Given that, and making the assumption you are buying licences that are 5 years or less, I would personally go with an MX250.  Also you are only using AutoVPN, so even if feature velocity slowed on the MX250 - you probably wouldn't be using any of those new features.

 

For the cost of an MX450, you could probably use an MX250 for 3 three years, throw it away, and replace it with something else (perhaps an MX106 will be powerfull enough by then) and still come out better off financially.

View solution in original post

4 Replies 4
GIdenJoe
Kind of a big deal
Kind of a big deal
‎Sep 20 2024 12:12 PM
‎Sep 20 2024 12:12 PM

The MX250 is getting a bit old indeed.  However in your case it is important to see if your 500 branch MX'es will use 1 tunnel (1 ISP) or 2 to reach the hub location.  In case of 2 you would have no other choice than to use the MX250.

In response to GIdenJoe
AlexG
Getting noticed
‎Sep 20 2024 12:58 PM
‎Sep 20 2024 12:58 PM

Per the sizing guide here: MX Sizing Guide & Principles - Cisco Meraki Documentation, I'd be well within the max allowed 1000 S2S tunnels.

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 20 2024 2:21 PM
‎Sep 20 2024 2:21 PM

What a good question.  You need support for 1,000 VPN tunnels (minimum 700 for "right now").  Only look at the "Recommended" count, not the maximum.

https://documentation.meraki.com/MX/MX_Sizing_Information/MX_Sizing_Principles#Number_of_VPN_Tunnels

 

PhilipDAth_0-1726866918697.png

 

If we take a look at the Meraki "Product End-of-Life (EOL) Policy":
https://meraki.cisco.com/meraki-support/policies/

It says that:
"Cisco Meraki typically provides support for a given product for a period of five (5) years after the EOS date."

 

EOS has not been announced for the MX250.  So you could reasonably expect a minimum of 5 years of life left.

 

Given that, and making the assumption you are buying licences that are 5 years or less, I would personally go with an MX250.  Also you are only using AutoVPN, so even if feature velocity slowed on the MX250 - you probably wouldn't be using any of those new features.

 

For the cost of an MX450, you could probably use an MX250 for 3 three years, throw it away, and replace it with something else (perhaps an MX106 will be powerfull enough by then) and still come out better off financially.

In response to PhilipDAth
AlexG
Getting noticed
‎Sep 24 2024 7:00 AM
‎Sep 24 2024 7:00 AM

Got quotes back from our VAR and in this case, it doesn't make financial sense to drop down to the MX105 - even if it were recommended by everyone here. MX250 it is. Appreciate the responses here.

 

Also, our Meraki rep did confirm that there are no known upcoming EOS/EOL announcements for either model at this time. Hopefully it stays that way through Q1 next year.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.