Meraki MX Static Routing

Happymofugu
New here

Meraki MX Static Routing

I am currently having an issue with the static routes and maybe I am misunderstanding. 

On the Meraki MX, I have a subnet for example 192.168.200.0/24 VLAN 10 by default it will go out the WAN to do whatever it needs to do. Now, let's say I need it to go another way when the traffic has a certain destination in which would be a Cisco Catalyst Switch. I would like this to be on the WAN Port and let's say that WAN port IP is 192.168.100.1 and the IP on that switch is 192.168.100.2. 

I try to create a static route such as 192.168.200.0/24 next hop 192.168.100.2 and it won't let me then let's say on the Cisco Catalyst I would do the same thing but the next hop would be 192.168.100.1. Is there something I am missing?

What would be the best way to go about this? Should I not put that switch on the WAN port and put it behind the firewall instead and attach it to a different VLAN? Then just set static routes on the catalyst?

Any help would be appreciated.

Error: Static lan route subnets cannot be contained by (or be equal to) a VLAN subnet

4 Replies 4
alemabrahao
Kind of a big deal
Kind of a big deal

This will not work, the WAN Port will not be able to communicate with the LAN.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
ww
Kind of a big deal
Kind of a big deal

You dont need a route for that on mx. It already send all 'unknown' traffic to the wan using the default route. But only flows initiated from lan to wan will be allowed by default

Alejandro_F
Meraki Employee
Meraki Employee

The MX does NAT between LAN-WAN, the traffic could go from inside to outside but not the other way. 
If want to forward the traffic started from WAN, need to create a port forwarding rule with the specific port number.

https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Port_Forwarding_and_NAT_Rules_on_the_MX

 

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.
GreenMan
Meraki Employee
Meraki Employee

Yeah - it looks to me like you should be connecting your Catalyst switch on a LAN port, not a WAN port.   Create an appropriate VLAN interface on the MX for that switch and assing the LAN port to that VLAN.    You won't need a static route on the MX, unless you're needing to access further subnets beyond the Catalyst switch.  As you noted, you will need appropriate routing on the Catalyst, to any subnets which need to be reached via and have their Default Gateway as the MX, on an existing VLAN.

Get notified when there are additional replies to this discussion.