OSPF and VLAN support in new NO NAT MODE

SOLVED
MickeyDawson
Comes here often

1 ACCEPTED SOLUTION

You don't need OSPF for this.

 

If the MX cannot get to the cloud via a WAN port it will consider it down. So if the MX cannot get to the Meraki cloud via its WAN port to the Fortigate it will then fail over to the other WAN port. Simple. No yucky OSPF needed.


5 REPLIES
MickeyDawson
Comes here often

I have a requirement to receive an OSPF default route from an adjacent Fortigate firewall which is the local Internet gateway and WAN1. However, for backup purposes we also have an MPLS internet route connected to WAN2.

OSPF is configured to prefer the Fortigate as primary and the Fortigate is testing the Internet availability before advertising the default route, so if it fails we route to the internet via the WAN2 MPLS.

I read that OSPF is only supported on PASS THRU, which means the MX cannot support VLANs, so this question is aimed at the NEW NO NAT feature, i.e. will this allow us to have dynamic routing so the above scenario can be adopted?

 

🙂

A colleague has just pointed out the obvious... wood and trees now comes to mind. The below seems to answer the question and negate the need for the MX to perform any dynamic routing.


@MickeyDawson wrote:

I have a requirement to receive an OSPF default route from an adjacent Fortigate firewall which is the local Internet gateway and WAN1. However, for backup purposes we also have an MPLS internet route connected to WAN2.

OSPF is configured to prefer the Fortigate as primary and the Fortigate is testing the Internet availability before advertising the default route, so if it fails we route to the internet via the WAN2 MPLS.

I read that OSPF is only supported on PASS THRU, which means the MX cannot support VLANs, so this question is aimed at the NEW NO NAT feature, i.e. will this allow us to have dynamic routing so the above scenario can be adopted?

 

🙂


 

Why not just connect the FG to MPLS routers and INTERNET CE routers via a switched VLAN, the FG can then make the routing decision based on full routing information. The MX in that case just chucks everything at the FG and doesn’t get involved in anything too complex.

This again is so simple, thank you for the reply. Makes perfect sense.
