@Mateen wrote:
Got it, Thanks. This will make it a bit complex and if i do not want to do it this way i can just skip the VIP ? and configure warm spare without VIP if its possible ? Will get redundancy on WAN via meraki's WAN monitoring and on LAN through VRRP ? just wanting to confirm i have understood it correct.
You don't have to use a VIP on the WAN-side. Consequences of not using one are described here:
https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair#WAN_Vir...
Quote:
Use MX uplink IPs: When using this option, the current Active MX will use its distinct uplink IP or IPs when sending traffic out to the Internet. This option does not require additional public IPs for Internet-facing MXs, but also results in more disruptive failover because the source IP of outbound flows will change.
Use virtual uplink IPs: When using this option, both MXs will use a shared virtual IP (VIP) when sending traffic out to the Internet. This option requires an additional public IP per uplink but allows for seamless failover because the IP address the network is using to communicate with the Internet will be consistent. The VIP for each uplink must be in the same subnet as the IPs of the MXs themselves for that uplink, and the VIP must be different from both MX uplink IPs.
To configure a new network with warm spare failover, create the network as you would normally and add the Primary MX. Then add the Secondary MX using the process described above.
Regardless of which option is selected, both MX devices will need their own uplink IP addresses for Dashboard connectivity.
Dashboard configuration should always be performed before the Secondary MX is physically connected to the network.
On the LAN side no VIPs are needed either. The process is described more in detail here:
https://documentation.meraki.com/MX/Networks_and_Routing/NAT_HA_Failover_Behavior#VRRP_Mechanics_for...
