Sorry if this has been discussed before but im not having much luck finding something along the same lines. I have a network that has a MX64, 3 Switches and 18 APs.
We are upgrading the MX64 in that network to an MX100. The current MX64 acts as a gateway, VPN gateway and has several static routes pointing to other networks on the WAN and then about 10 local VLANS.
The question is this: Looking at the official guides, the best way is to create a new network and clone the current live one. If I do this what happens to my switches and APs when brought over to the cloned network - do their vlan configs get deleted? OR If i cloned the network and just select Security appliance only - would that work. Leaving me with essentially 2 network, one with the Security appliance the other with the switches and APs?
I guess what im trying to figure out is - whats the most simple way of doing the swap without loosing configs and having a nightmare?
Thanks in advance for any guidance.
Solved! Go to Solution.
Why not simply replace the existing MX without cloning at all?
Thanks for the link jdsilva,
I've already looked at this before posting but doesn't really tell me anything what happens to the switch and AP configs.
As mentioned in my original post - if i clone the network to perform the upgrade - what happens to my switches and APs when they are moved to the clone. Do their configs clear or what?
Or would it just be easier to clone just the security appliance and keep the switches and APs on their original network?
Why not simply replace the existing MX without cloning at all?
Yep, we’ve done this and it works perfectly.
I'm going from an MX64 to the MX85. If I "remove" the MX64 from the network does the network stop working right away? I'm wondering if I can do this with minimal downtime.
speaking 1st hand as I've done this many time now:
No it does not, it will keep working for a while. When setting up - I like to boot the new appliance on a plain DHCP connection with internet access, get it to check in and let it do all of its firmware updates then plan my outage window (without adding to the dash other than claiming). Configure its static isp info from on local admin page then just ship it to site, let the local person do the cable swap and power up, remove the live appliance from the dash and add the new one from inventory. takes about 5-10 mins tops... One thing I will say is check that your static IP info actually saves after a reboot before you ship and check in different browsers. I did one once which for some reason looked like its static IP was on its internet interface - but ultimately wasn't when it booted at the other end. I always check that twice now.
So plug it in to my home router by connecting it to the WAN port 3 and let it get an address and then try to access it and configure it?
if your configuring at home:
from your LAN side of your home router connect it to the WAN/Internet side of your MX.
let it check in (white light) and then complete any firmware download (flashing white).
Then if your setting up a static IP on the internet port, connect a laptop to the LAN side of the MX and do an IPCONFIG in windows. Open a browser to that IP and log in using the serial number as the login info. Once logged in set your static is on internet the internet port / secondary port at needed. That’s it (with our adding it to the network in the dashboard in question)
As long as the MX can get the the internet at the site the rest of the config will sync when you remove the old mx and add the the new one from the network.
it’s really quite simple, as mentioned in my previous post - my only issue in the past has been the static IP not taking on the local config, I always double check these days and not ram into any issues.
Good Idea CptnCrrnch,
Do you know if that method will retain Vlan and static route configs etc on the dashboard under "addressing & Vlans"?
Thanks for accepting my answer as solution, but Kudos should go out to @jdsilva who also provided a thorough explanation! 👍
Non-local configuration (like firewall rules, routes, Vlan settings) will be retained by this method:
"A Dashboard Network can only contain one MX at a time. To make room for the new MX, the Network Administrator will have to remove the current MX. Please note that the network will retain the old MX's non-local configuration, so the replacement MX does not need to be reconfigured in Dashboard."
Please also keep that one in mind:
"Because the new MX will be running an exact copy of the original MX's configuration all cables should be moved to the same ports on the new MX as they were connected to on the original MX. For example, the cable from LAN port 4 of the original MX should only move to LAN port 4 of the new MX, or another port with an identical configuration.
Once this has been completed and the new MX has fully checked in and finished its upgrades it should now be in place and functioning on the network with the exact same configuration as the original MX."
So basically, all you'll have to do is set up your WAN interface (in case of DHCP even that should be transparent), let the new box pull the config from Dashboard and be all set. 🙂
@CptnCrnch - gave @jdsilva kudos as requested! 🙂
@Mikeylad I'm not following why you want to clone a network at all. Do you have a specific reason why you want to clone? I don't agree with your statement that the cloning method is the best way. How did you arrive at that conclusion?
That said, perhaps an explanation of combined networks will help clear this up?
Combined networks are actually just a little bit of sleight of hand on Meraki's part. A combined network is actually just a container that has the actual device type specific networks inside. So if you have a combined network with MX, MR, and MS, you really still have three networks that are being shown to you as a single. This is why you can split them and combine them any time you want.
If you clone your combined network, and add a new MX to that network, your original network is still there and functioning as it always would. If you move devices between networks then yes, there is a brief period of time where technically the devices do not have a config. There's a "move to new network" action you can do, and in that case the time the device doesn't have a config is essentially nil, however if you have any device specific configs (radio settings on the AP's for example) then you need to set those again in the new network as they do not clone over.
None of this is the simplest way though. I would suggest you take another look at the KB I linked to, and check out Method 1 again (Quick Swap). If all you need to do is replace the MX then simply removing the old one followed by adding the new one to the existing network is far and away the simplest method.