i have purchased a MX84 to be our internet traffic only Firewall - Connected to Comcast Business internet.
It is currently Connected to a EWIC Nic port on my Cisco 1921 router -
My main Router connection goes to my MPLS and local LAN. I have added routes on the router to send any undefined IP's to the mx84 for internet and it works great..
My issue is my NATs Don't work - I have added the static routes on the MX84 telling it to go to the cisco router interface for all my internal IP address ranges.
I can ping from firewall - from my Server and ping the server from the firewall, but not from the outside Ip address. I know the address is good cause I changed my firewall WAN link to that address and it works.
Am I missing something on my MX84 - Sorry I am new to Meraki Firewalls - I have Meraki Switches and access point throughout my company.
Solved! Go to Solution.
And 220.127.116.11 is not your WAN IP, correct?
If you do a packet capture on "Internet 1" do you see traffic hitting 18.104.22.168 (that you have generated from another Internet connection)?
My Wan IP of the firewall is .213
i do see traffic for .209 and I see the internal IP of the server. Just no website.
There has to be something I am missing
Yup comes right up internally. I see some arp requests asking who is 22.214.171.124 and I did see a MAC address response.
But no website
Which one is the MX in the diagram? Anyways I'd recommend starting a ping to 126.96.36.199 from the outside. Then you'll need to run some captures. First on the outside and inside interface of your Firewall to make sure the pings are getting there and through. Then on the outside (internet) interface of your MX. My guess is that the traffic isn't making isn't routing properly on that 1921 as expected.