Hi all,
I'm sure this has been asked a lot and apologies if it has been answered a lot too, spent hours looking it up and i could not find a clear answer.
We are in the process of migrating a multi-tenant network from Sonicwall to Meraki MX.
The public IPs we have is:
Public main WAN subnet 1: 1.0.0.0/29
Public routed subnet 2: 2.0.0.0/30
Public routed subnet 3: 3.0.0.0/30
I've routed subnets 2 & 3 to tenants' 2 & 3 gateway, for example tenant 3 has a Draytek sitting behind the Sonicwall with a public IP address of 3.0.0.2 on it (3.0.0.1 is the Sonicwall). We needs to be able to do his own NAT.
The way I've done this on the Sonicwall is shown here: http://help.sonicwall.com/help/sw/eng/6500/25/9/0/content/Ch27_Network_Interfaces.031.39.html
However i cannot find anything documented by Meraki on how to configure a public routed subnet for a DMZ host and make sure traffic passes through and is not NATed out of the main WAN IP.
I've seen people mentioning they had to create a VLAN and set the MX's gateway address to that public IP, 3.0.0.1 in tenant 3's case.
Do i then have to create a 1:1 NAT rule to map public 3.0.0.2 to LAN 3.0.0.2 so the tenant's gateway is accessible?
Thanks for your time 🙂