MX84 Home deployment.

NickJames
Here to help

MX84 Home deployment.

Morning all, 

I have an issue I'm trying to overcome. We have been given MX84's to work from home with. As this is such a big device I would like to utilise this to replace my home network Netgear switch. So on the Meraki, I'd like to achieve the below. Currently, it is set up that all ports are VPN back to the office when really I'd only like one and the other ports just dirty internet out, or an extension of the ports on the back of the Virgin Media Router if you like. Could anyone let me know if this is possible? And of course how 🙂

 

Capture.PNG

11 Replies 11
Uberseehandel
Kind of a big deal

Most things are possible, if you have management access to the MX.

However, do you really want to run all your domestic traffic through the work security appliance?

If the space the MX84 occupies is too great, ask for a Z3 or MX64.

In any event, the MX has issues with certain types of multicast IP-TV.

I would simply uplink the MX to the existing router.

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
NickJames
Here to help

Hi Ubersee,

I have access to the management portal so can fully configure this device how I want to.

As long as I can keep the 1 port VPN and all the others domestic yes I'd love to. Saves my home office looking like a data centre and ultimately only powering 1 device. I don't have IP-TV so this won't be too much of an issue for me.

CptnCrnch
Kind of a big deal
Kind of a big deal

Having access to the management port doesn't give you any possibility to fully configure the device. Meraki devices are cloud managed, so unless you have administrative access to the (cloud-based) Dashboard, you're out of luck.

NickJames
Here to help

 

I have access to the management portal so can fully configure this device how I want to.

I'm aware they are cloud configured and that's how I have got this far but now I'd like to progress through to the next steps.

ToddB
Here to help

In the portal, goto the addressing & vlans section.

Then part way down the page there's Routing, make sure use vlans box is checked. 

Click the add vlan button and add a vlan/subnet for your local network. 

 

Once you've added the vlan, goto the Per-port VLAN Settings section of the page, (just below the routing section)

Check the boxes for the ports you want to use for your local LAN. Hit the edit button. Set the port type to "access" and set the vlan to the vlan you just created.

When done hit the save button at the bottom of the page. 

 

When you pick a subnet for your local LAN you will want to use something that your company does not use. 

 

 

NickJames
Here to help

Hi ToddB,

Thanks for this I now have port 3 working to my work and picking up a DCHP and able to carry on.

My problem is ports 4-12 won't talk to my Virgin Media Router for "Local network" I.E they won't pick up a DHCP from it or talk to the kit plugged into that end of it. 

I have tried to set up the DCHP relay to point to the VM router but I get

Capture2.PNG

My Routing looks like.

Capture3.PNG

And the WAN IP from the VM Router given to the Meraki with a reservation in is

 

NickJames_0-1589551975935.png

So how do I get it to get a DHCP from the VM router and also talk to the other kit plugged into it?

 

Hope this makes sense.

 

 

 

ToddB
Here to help

 

Ok, on the MX you can't just create a VLAN, like on a switch. You have to create the IP on the vlan interface you create. Use a different IP on the MX then what you virgin router is, say 192.168.255.0/30, and put the MX at 192.168.255.1. On the MX goto the DHCP configuration for the subnet and disable it.

 

Then just plug your broadband router into one of those ports that are configured for the new vlan and plug in your devices. They should pick up an ip from your router in the 192.168.0.0/24 subnet. 

 

Your clients will not see the MX because the subnet/mask is different. 

 

 

 

PhilipDAth
Kind of a big deal
Kind of a big deal

Dumb question - any reason why your home devices can't just plug into the Virgin router?

Uberseehandel
Kind of a big deal


@PhilipDAth wrote:

Dumb question - any reason why your home devices can't just plug into the Virgin router?


Apparently the OP wants to remove an existing Netgear switch from the cabinet, because the MX84 is so large. 

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
NickJames
Here to help

Morning All,

Thanks for your time. 

In answer to your questions. My VM router is downstairs and cant be moved. This runs my TV. So I have a single cat 5 into my office where that splits to a Netgear 16 port unmanaged switch and this is the same size as the MX84. I wanted to remove the Netgear as I'm not a fan of this and utilise the free kit I provided my self through work.

 

Update. I have it working now. Apart from the TV. As this sits on the VM router and the VM router has no configuration for VLANS it sits outside of this network. If I could get my personal ports on the MX 84 to see the native Vlan (0) this would then work. But the Meraki kit won't allow this as its reserved. So I think this had been exhausted.

 

Again I'd like to thank you all for your contributions 🙂 Kudos all around!   

Uberseehandel
Kind of a big deal

@NickJames 

 

I have a third-party security appliance ahead of an MX in order to split the networks for several reasons, including handling 4K HDR multicast IPTV. It achieves what you wish to achieve. except in my case it is BT rather than VM.

dualstack.png

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels