Meraki

Community

OSPF and VLAN support in new NO NAT MODE

Solved
MickeyDawson
Comes here often
‎Apr 20 2018 3:38 AM
‎Apr 20 2018 3:38 AM

OSPF and VLAN support in new NO NAT MODE

 
0 Kudos
1 Accepted Solution
In response to MickeyDawson
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 20 2018 8:04 AM
‎Apr 20 2018 8:04 AM

You don't need OSPF for this.

 

If the MX can not get to the cloud via a WAN port it will consider it down.  So if the MX can not get to the Meraki cloud via its WAN port to the Fortigate it will then failover to the other WAN port.  Simple.  No yucky OSPF needed.

View solution in original post

0 Kudos
5 Replies 5
MickeyDawson
Comes here often
‎Apr 20 2018 3:42 AM
‎Apr 20 2018 3:42 AM

I have a requirement to receive an OSPF default route from an adjacent Fortigate firewall which is the local Internet gateway and WAN1. However for backup purposes we also have a MPLS internet route connected to WAN2.

OSPF is configured to prefer the Fortigate as primary and the Fortigate is testing the Internet availability before advertising the default route so if it fails we route to the internet via the WAN2 MPLS.

 

I read that OSPF is only supported on PASS THRU which means the MX cannot support VLANS so this question is aimed at the NEW NO NAT feature i.e will this allow us to have dynamic routing so the above scenario can be adopted.

 

🙂

0 Kudos
In response to MickeyDawson
MickeyDawson
Comes here often
‎Apr 20 2018 4:36 AM
‎Apr 20 2018 4:36 AM

A colleague has just pointed out the obvious... wood and trees now comes to mind. The below seems to answer the question and negate the need for the MX to perform any dynamic routing.

@MickeyDawson wrote:

I have a requirement to receive an OSPF default route from an adjacent Fortigate firewall which is the local Internet gateway and WAN1. However for backup purposes we also have a MPLS internet route connected to WAN2.

OSPF is configured to prefer the Fortigate as primary and the Fortigate is testing the Internet availability before advertising the default route so if it fails we route to the internet via the WAN2 MPLS.

 

I read that OSPF is only supported on PASS THRU which means the MX cannot support VLANS so this question is aimed at the NEW NO NAT feature i.e will this allow us to have dynamic routing so the above scenario can be adopted.

 

🙂

 

Why not just connect the FG to MPLS routers and INTERNET CE routers via a switched VLAN, the FG can then make the routing decision based on full routing information. The MX in that case just chucks everything at the FG and doesn’t get involved in anything too complex.

0 Kudos
In response to MickeyDawson
MickeyDawson
Comes here often
‎Apr 20 2018 4:36 AM
‎Apr 20 2018 4:36 AM

A colleague has just pointed out the obvious... wood and trees now comes to mind. The below seems to answer the question and negate the need for the MX to perform any dynamic routing.

Why not just connect the FG to MPLS routers and INTERNET CE routers via a switched VLAN, the FG can then make the routing decision based on full routing information. The MX in that case just chucks everything at the FG and doesn’t get involved in anything too complex.

0 Kudos
In response to MickeyDawson
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 20 2018 8:04 AM
‎Apr 20 2018 8:04 AM

You don't need OSPF for this.

 

If the MX can not get to the cloud via a WAN port it will consider it down.  So if the MX can not get to the Meraki cloud via its WAN port to the Fortigate it will then failover to the other WAN port.  Simple.  No yucky OSPF needed.

0 Kudos
In response to PhilipDAth
MickeyDawson
Comes here often
‎Apr 20 2018 8:13 AM
‎Apr 20 2018 8:13 AM

This again is so simple thank you for the reply. Makes perfect sense.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.