Meraki

Community

PAT configuration

TJG
Conversationalist
‎Jul 12 2019 9:43 AM
‎Jul 12 2019 9:43 AM

PAT configuration

Hello all, new to the group.  I'm demoing the MX250 in my environment.  I have a special situation that requires me to PAT 2 of my internal VLANs to 1 external public IP address.  I do this easily with my ASA firewall, but can't figure out how to do it on the MX.  From what I understand from reading other posts in this forum, that 1:Many NAT setup would not work for my situation.  If anyone can point me in the right direction, I'd really appreciate it!

 

Thanks,

Tom

0 Kudos
4 Replies 4
Raj66
Meraki Employee
Meraki Employee
‎Jul 12 2019 9:48 AM
‎Jul 12 2019 9:48 AM

Hi @TJG 1:1 and 1: Many NATs will allow you to map a single or multiple clients (you cannot map more than 1 per a single port) to a public IP address but not an entire vlan. However, one way you can achieve this is to configure the public IP as your second Internet connection and then do flow preference so that all the traffic from those VLANs will use the secondary Internet IP and not the default primary

 

https://documentation.meraki.com/MX/NAT_and_Port_Forwarding/Troubleshooting_Port_Forwarding_and_NAT_...

 

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen...

 

Cheers!

 

Raj

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it
0 Kudos
In response to Raj66
TJG
Conversationalist
‎Jul 12 2019 10:21 AM
‎Jul 12 2019 10:21 AM

Thanks Raj, my problem with that is I already have 2 internet connections coming into the MX.

0 Kudos
In response to Raj66
Eric90
New here
‎May 30 2021 6:38 PM
‎May 30 2021 6:38 PM

Hi @Raj66 

 

I know this is an old post, however we are in this situation and cant figure out the WAN2 port workaround.

 

Are you able to break it down for me? 

i have 2 Public IPs on the 1 Connection

Require traffic from 192.168.0.x to route via IP1
Require traffic from 10.x.x.x to route via IP2

Source NAT not supported.


0 Kudos
SFog
Here to help
‎Jul 12 2019 4:43 PM
‎Jul 12 2019 4:43 PM

We have lost a lot of sales due to the lack of NAT functions on the Meraki and all we get told is "Maybe Meraki is not for you". I use the "wan2" work around a lot but there is not much you can do if you are using your Wan 2 as a wan port.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.