Meraki

Community

Migrate HA MX84 to HA MX100 Procedure

Solved
jumpy
Here to help
‎Jun 12 2021 3:31 AM
‎Jun 12 2021 3:31 AM

Migrate HA MX84 to HA MX100 Procedure

I'm planning to migrate HA MX84 to HA MX100 with minimal downtime.

 

https://documentation.meraki.com/MX/Other_Topics/MX_Cold_Swap_Replacing_an_Existing_MX_with_a_Differ...

 

As document above, should I go for Method 2 as downtime will only happen when I swap the WAN/LAN cable?

From my understanding, If I go for method 1. The connectivity goes down after I remove the old MX in the network and will come back again when the new MX finished firmware upgrade and configuration sync.

 

Please check the procedure if any wrong.

1. Create Clone Network from existing Network
2. Add new MX100 to Clone Network
3. Config warm spare on Clone Network
4. Unplug WAN2 from the old MX84 and plug into WAN2 on new MX100 for firmware upgrade and configuration sync.

5. When MX100 is ready on Clone network. Move all WAN1/LAN cables from the old MX84 to the new MX100.
6. Re-enable Site-to-Site VPN
7. Delete old network

 

Thank you

0 Kudos
1 Accepted Solution
KarstenI
Kind of a big deal
Kind of a big deal
‎Jun 12 2021 3:41 AM
‎Jun 12 2021 3:41 AM

Do you only have the MXes in this network? Then it should work with your procedure.

If it is a combined network which also has switches and APs, I would put the MXes in a new network to upgrade to the same version as the old MX and then remove and add the the MXes on the original network. The downtime will be a couple of minutes and if you can get a maintenance-window, this is slightly easier.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

View solution in original post

5 Replies 5
KarstenI
Kind of a big deal
Kind of a big deal
‎Jun 12 2021 3:41 AM
‎Jun 12 2021 3:41 AM

Do you only have the MXes in this network? Then it should work with your procedure.

If it is a combined network which also has switches and APs, I would put the MXes in a new network to upgrade to the same version as the old MX and then remove and add the the MXes on the original network. The downtime will be a couple of minutes and if you can get a maintenance-window, this is slightly easier.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
In response to KarstenI
jumpy
Here to help
‎Jun 12 2021 8:57 AM
‎Jun 12 2021 8:57 AM

I only have 2 MXes in the network. So, I think I can go with my procedure.

 

But I'm not sure if the IP address conflict may happen when I create the clone network. Also, how long of Site-to-Site VPN establish connection will take.

0 Kudos
In response to jumpy
KarstenI
Kind of a big deal
Kind of a big deal
‎Jun 12 2021 9:54 AM
‎Jun 12 2021 9:54 AM

Do you have some spare IP addresses on your WAN-side? If you do not need to keep the original WAN IPs (for example because they are whitelisted on some third-party-systems) you can start the VPN on the new network with a dummy-subnet and then just add the regular networks after the old MXes are switches off.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
0 Kudos
In response to KarstenI
jumpy
Here to help
‎Jun 12 2021 11:16 PM
‎Jun 12 2021 11:16 PM

Can I use WAN IP configured on spare MX to initial firmware updates and change it to primary WAN IP after old MXes are switches off?

 

One more thing I'm concerning is hub selection on each spoke node after creating a new clone network. Since this MX act as a hub and there are 20+ spokes, I'm not sure that I have to configure a hub selection on each spoke manually, or I have to disable VPN settings on the old network and then enable the VPN on the new network so all spoke will be select new MX as hub automatically.

 

 

 

0 Kudos
In response to jumpy
DarrenOC
Kind of a big deal
Kind of a big deal
‎Jun 12 2021 11:37 PM
‎Jun 12 2021 11:37 PM

Hi @jumpy , you’re over thinking this. Go with @KarstenI’s first suggestion.  Create a separate Network in your Dashboard and place the two new MXs within.  Give them private IPs from your internal network and let them register out to the cloud and download firmware.

 

Next, delete that new network and proceed with the cloning procedure.

Darren OConnor | doconnor@resalire.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.