MX84 maximum clients

roshangkr
Conversationalist

MX84 maximum clients

We are looking to procure MX84 for our company which supports a maximum of 200 clients. We have 100 laptops and one site-to-site VPN connection with one of our client and we are accessing their 5 servers through VPN. Our question to the forum does these 5 servers should be considered as part of supported 200 clients?  Should we consider we have 105 clients when using Meraki mx84?

11 Replies 11
PhilipDAth
Kind of a big deal
Kind of a big deal

Clients are (by default) the number of unique MAC addresses sitting behind the MX.

 

Servers at the other ends of a VPN do not count.

 

You should consider that you have 100 clients.

MilesMeraki
Head in the Cloud

As @PhilipDAth has said, in your use case you'd have 100 client connections. The MX84 should be more than sufficient enough for your use case.

Eliot F | Simplifying IT with Cloud Solutions
Found this helpful? Give me some Kudos! (click on the little up-arrow below)
roshangkr
Conversationalist

Thank you, All for your valuable inputs.

 

Let me explain our current network infra so that you can help me finalize on MX84.

We have 100 users(laptop & Desktops) and around 50 mobile devices. We have 20 servers on AWS cloud which we access through ipsec vpn.  Also, there are 20 roaming users who access office network through client vpn. We have 2 ISPs providing bandwidth of 10mbps each.

 

Will it be fine to go with MX84 considering in coming 2 to 3 years we may have around 100 more users?

 

 

 

 

 

PhilipDAth
Kind of a big deal
Kind of a big deal

The MX84 is good for up to 200 or so users, so it is a good fit.

 

I would also recommend you consider using the vMX100 if you are using Amazon AWS, especially when you are looking to use dual ISPs.  It will allow you to build a fault tolerant VPN to Amazon via either ISP, and the failover will be automatic.

https://meraki.cisco.com/products/appliances/vmx100

roshangkr
Conversationalist

Your recommendation has put us in confusion.  We thought MX84 does support fault-tolerant for any IPsec site to site VPN and Meraki Client VPN. Fault-tolerant VPN is one our primary requirement. 

Please check https://documentation.meraki.com/MX-Z/Site-to-site_VPN/Site-to-Site_VPN_Failover_Behavior under section "Non-Meraki site-to-site VPN".

 

Also, the majority of the laptops are on Linux OS we searched for configuring Meraki VPN client for Ubuntu 14.04 & 16.04. But could not find anything. Could you share any link for configuring vpn client on ubuntu 14.04/16.04? 

 

 

 

 

PhilipDAth
Kind of a big deal
Kind of a big deal

If you form a warm spare MX configuration, and both of the MX WAN interfaces can plug into the same Internet circuit (aka you have a /29 IPv4 address block - or they both plug in behind another router doing NAT on something like a PPPoE connection) then you can enable VRRP which gives you one IP address for both units to build non-Meraki VPNs to.  This same IP address can also be used for client VPN (L2TP over IPSec).

 

This guide seems to talk about setting it up for Ubuntu:

https://askubuntu.com/questions/789421/l2tp-ipsec-psk-vpn-client-on-xubuntu-16-04

Carlos1
Just browsing

Hi Experts,
After reading every post made in the discussion I have this doubt.
I am placing an MX84 on my main site, according to Meraki documentation are for 250 users.

We now have 15 remote sites that will connect to Teleworker, each site with 6 full-time users.

My query is:
The MX84 how many VPN sessions does it support (I have 15 Teleworkers) that will connect, is there now a limit on VPN sessions between the MX and the Teleworkers?
The MX84 how many concurrent VPN clients does it support?
In each Site you have 10MB of internet, the internet traffic is independent, when you use the meraki VPN client in each branch, does the internet traffic for navigation go through the VPN? or leaves for each branch,

I found that by default that if you use meraki's VPN client, the navigation traffic goes through the VPN

https://documentation.meraki.com/MX/Client_VPN/Configuring_Split_Tunnel_Client_VPN

I will appreciate your support.
Carlos P.

SoCalRacer
Kind of a big deal

Below is a sizing guide and datasheet. Depending on your VPN needs you may want to size up to mx100 or vmx100.

 

MX84 = 100 max concurrent VPN connections

MX100 = 250 max concurrent VPN connections

 

https://meraki.cisco.com/lib/pdf/meraki_whitepaper_mx_sizing_guide.pdf

 

https://meraki.cisco.com/lib/pdf/meraki_datasheet_mx.pdf

Happiman
Building a reputation

@roshangkr 

 

Please don't fall into the Meraki Marketing trap. The max number of connected device by Meraki is very tight. I have over 100 clients on MX64 w/o any performance issue. 

 

If need to count clients, you need to add the # of  

PCs, Laptops, Desk IP Phones, Printers, Switches, APs, and AP Clients altogether. 

 

 

What matters is your CPU usage during  the business hour.

 

 

=MX84 with 166 Clients ==

image.png

Carlos1
Just browsing

Good information, as a query, the concurrent clients that you have in your MX are final clients and include VPN clients?
Or they are just clients on your LAN

 

Regards.

Carlos P.

SoCalRacer
Kind of a big deal

@roshangkr 

 

If you read the datasheet you will see the recommended clients for the MX84 is 200 and VPN is 100. So you are under the recommended amount. The hard stop number was the 100 concurrent VPN connections.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels