Meraki

Community

Meraki Firewall- 4rth WAN Port I Is IP V6 Supported I Can websites be individually analysed?

RobustMeraki
Getting noticed
‎Sep 16 2024 2:56 AM
‎Sep 16 2024 2:56 AM

Meraki Firewall- 4rth WAN Port I Is IP V6 Supported I Can websites be individually analysed?

 

1. The customer has WAN 1 for internet traffic, WAN 2 for VPN, and WAN 3 for their mail gateway server, all of which are fixed configurations. They need a fourth connection to provide redundancy, for example, for WAN 1 traffic. If WAN 1 fails, it should not use the capacity of the existing WANs (Mail Gateway and VPN) but should instead serve as a redundancy for WAN 1. Is this possible with a Meraki firewall? If so, which firewall would be suitable, and how can this be configured via the Dashboard? Can you provide steps to this

 

2. Is there a way to analyze a website using Meraki? For example, if I input a URL, can it show which category the website falls into?

3. If the connection does not have a fixed IPv4 address or any IPv4 address at all, will it still work, or are there specific requirements? The customer is considering using Starlink as their WLAN provider, which utilizes IPv6. Is this supported by Meraki firewalls?

 

Labels:
0 Kudos
5 Replies 5
ww
Kind of a big deal
Kind of a big deal
‎Sep 16 2024 3:20 AM
‎Sep 16 2024 3:20 AM

Meraki support  2+ 1 backup wan.

https://documentation.meraki.com/MX/MultiWAN_Backup_Uplink

 

Vpn and mail are services you could move to the lan side with static routes or bgp?

wan2 can then be used for backup internet

 

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/SD-WAN_and_Traffic_Shaping

 

Yes you can put in urls to check in which category they fall.

https://documentation.meraki.com/MX/Content_Filtering_and_Threat_Protection/Content_Filtering/Conten...

I dont know if it works with starlink ipv6, but i read it also support ipv4?

Brash
Kind of a big deal
Kind of a big deal
‎Sep 16 2024 3:29 AM
‎Sep 16 2024 3:29 AM

To answer some of your questions:

 

1. No, this is not possible with Meraki devices. The Meraki MX line support a maximum of 2 active uplinks with the ability to add a 3rd as a backup. You can't set failover precedence for specific ports. 

2. The Content Filtering page on the dashboard allows you to check content categorization of a given URL.

3. Meraki supports ipv6 but only in dual stack. Starlink WAN connections are possible/supported.

 

To be honest, by the sound of your use case, you'd be better served with a NGFW (Next Gen Firewall), which is not a product Meraki has.

You'd be looking at something like a Cisco Firepower/Fortigate/Sophos/Checkpoint/Palo Alto (to name a few options).

In response to Brash
RobustMeraki
Getting noticed
‎Sep 16 2024 4:09 AM
‎Sep 16 2024 4:09 AM

Hey Brash, what exactly in my question better relates to a solution like Cisco NGFW?

0 Kudos
In response to RobustMeraki
Brash
Kind of a big deal
Kind of a big deal
‎Sep 16 2024 7:11 PM
‎Sep 16 2024 7:11 PM

These days NGFW's are essentially fully fledged routers with inspection capabilities.

They're typically very flexible with how many and which ports are configured as WAN ports and LAN ports. Some are also modular to add additional ports.

They're also much more likely to be able to do policy-based routing for multiple WAN interfaces, along with failover preferences and full IPv6 support.

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 16 2024 3:55 AM
‎Sep 16 2024 3:55 AM

Why can't you run all the services on a single WAN connection?

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.