Meraki

Community

MX85 MultiWAN and port forwarding

Solved
SebastienD
Just browsing
‎Aug 13 2025 7:33 AM
‎Aug 13 2025 7:33 AM

MX85 MultiWAN and port forwarding

Hello,

 

We plan to replace our MX84 with a MX85 in order to get 3 WAN.

The third WAN will be a MERAKI MG52 router.

 

Documentation indicate this:

MultiWAN Backup Uplink - Cisco Meraki Documentation

Canveats

7 - Not all NAT features are supported such as Port Forwards, 1:1 NAT and 1:Many NAT

 

Is someone test Port Forwarding on WAN3 because we need to access internal ressources from the Internet ?

 

Regards.

  

Labels:
0 Kudos
1 Accepted Solution
In response to SebastienD
RWelch
Kind of a big deal
Kind of a big deal
‎Aug 13 2025 8:47 AM
‎Aug 13 2025 8:47 AM

The MX85 would likely have a reduced capable WAN 3 usually treated as a failover-only (not true load balancing), limited monitoring and performance data.  Some of the WAN specific features might be missing.

Your post indicates you need these things whereas the WAN 3 in models below the MX105 are less likely to have the full features (was the point I was attempting to make - by design it's a backup link vs a full feature WAN capable as WAN 1 and WAN 2 are).

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

View solution in original post

0 Kudos
6 Replies 6
RWelch
Kind of a big deal
Kind of a big deal
‎Aug 13 2025 7:36 AM
‎Aug 13 2025 7:36 AM

The third link mimics the failover behavior of the embedded cellular feature on supported MX(C) Appliances which means the third link remains in standby mode until both primary and secondary uplinks are down.

The third link uses the same shared firewall rules which govern WAN 1 and WAN 2. 

 

MultiWAN Backup Uplink 

 

For your testing, you'd likely need to remove links to WAN 1 and 2 to test the access to internal resources via WAN 3.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
In response to RWelch
SebastienD
Just browsing
‎Aug 13 2025 8:40 AM
‎Aug 13 2025 8:40 AM

Thanks for your quick answer.
If I understand your answser, when WAN1 and WAN2 are down, WAN3 will use the port forwarding rules already configured.

0 Kudos
In response to SebastienD
RWelch
Kind of a big deal
Kind of a big deal
‎Aug 13 2025 8:47 AM
‎Aug 13 2025 8:47 AM

The MX85 would likely have a reduced capable WAN 3 usually treated as a failover-only (not true load balancing), limited monitoring and performance data.  Some of the WAN specific features might be missing.

Your post indicates you need these things whereas the WAN 3 in models below the MX105 are less likely to have the full features (was the point I was attempting to make - by design it's a backup link vs a full feature WAN capable as WAN 1 and WAN 2 are).

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
In response to RWelch
SebastienD
Just browsing
‎Aug 13 2025 9:06 AM
‎Aug 13 2025 9:06 AM

I understand that is a backup link and not a full WAN.

I just want to know if someone has already tested on MX85 that WAN3 will continue to do port forwarding if WAN1 and WAN2 are down.

Documentation is not clear about that.

 

 

0 Kudos
In response to SebastienD
alemabrahao
Kind of a big deal
Kind of a big deal
‎Aug 13 2025 12:06 PM
‎Aug 13 2025 12:06 PM

Caveats

  1. On the MX75 - The Third physical port is the designated backup port. Physical ports 1 & 2 become designated WAN 1 and WAN 2 ports. 

  2. On the MX85, MX95 & MX105 - The Fourth physical port is the designated backup port. Physical ports 1 & 2 become designated WAN 1 and WAN 2 ports.

  3. On the MX85, MX95 & MX105 - the Third physical port is disabled and unusable once MultiWAN is enabled

  4. The designated backup port cannot be changed to a different physical port

  5. SFP modules (fiber or copper) are required for physical ports 1 & 2

  6. IPv6 is not supported on the Backup WAN uplink

  7.  Not all NAT features are supported such as Port Forwards, 1:1 NAT and 1:Many NAT

 

MultiWAN Backup Uplink - Cisco Meraki Documentation

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
SebastienD
Just browsing
‎Aug 14 2025 12:09 AM
‎Aug 14 2025 12:09 AM

Thanks for your reply.

I will wait to receive the equipment to try by myself.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.