We have a new remote location that we need connect back to our main location and provide clients with access to a specific VLAN. Looking for the best (and fastest way) to do this.
Main site - Cisco ASA Firewall, Cisco routers, Meraki core stack - currently does not have an MX devices online.
Main site - EPLAN connection to AWS and our SAP environment
Main site - Meraki AP's with various SSIDs and vlans
Main site - we can take an RF Gun with a custom built application that enters data into our SAP environment. RF Guns are configured to connect to the "RF" SSID which has a connection via the EPLAN to AWS and SAP
New site - basic Spectrum Internet
New site requirement - use an RF Gun in the new site to scan data into the SAP environment
Long term solution - implement EPLAN circuits to basically have the new site connected to SAP like the Main site is now. This will take 2-3 months to implement.
Looking for a short term solution.
We have the following equipment available to use short term -
We bascially need a way for the RF device in the new site to believe it is on a specific vlan in our main site.
Thanks for any advice.
Tough one.
If you put an MX in your main site temporarily in VPN concentrator mode, and an MR ar the new site, then you could configure the SSID to tunnel to the MX, which would then drop it into the VLAN at the main site layer 2.
Thanks for the reply. We're looking at this more closely.
I should mention we also currently have Cisco ASAs in the main site. Would doing something like a site-to-site VPN using an MX in the new location to the ASA in the main location work? Would I have access to the needed vlan for my AP's?
If you want the devices to be in the same VLAN as if they were at head office - no.
If you relaxed the requirement and just said they need a layer 3 connection - yes.
Thanks again. Since we have the MXs available for now, I think we're going that route.
Curious - do the Meraki Z devices do anything similar? I know these are remote user-type devices to connect back to the home office. I just don't know enough about networking to understand what they would do. I'm assuming that they would not drop you on a specific vlan and that that would be an option for my situation?
If you are asking if the Meraki Z device could be the VPN concentrator at the DC - I don't know, but 90% likely. Just less capacity.