Meraki

Community

Replacing Cisco 4331 with MX100

Livetech
Conversationalist
‎Nov 30 2017 11:26 AM
‎Nov 30 2017 11:26 AM

Replacing Cisco 4331 with MX100

Hello all!

 

I have a client site that has a Cisco 4331 that is probably going to die due to the Clock issue.  This device is not under warranty and has never had smartnet on it.  Basically the client has been informed by his vendor they will have to replace it at full cost.

This is the breaking point for this client. 

What he wants to know for 100% is that he will be able to block internet access on certain vlans from the Meraki appliance itself., and will the meraki perform okay with his remain Cisco equipment(4500 stack, 2960 switches, etc).  

 

He is ready to order the gear and the licensing, but I want to be able to tell him this will not be an issue ...

0 Kudos
2 Replies 2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Nov 30 2017 11:34 AM
‎Nov 30 2017 11:34 AM

The device does not have to be under warranty to get it swapped out under the clock sync program.  It only had to be under warranty during the period that defective devices were shipped - so basically if you have a defective device it will get swapped out.  Start at this URL and then move to the ordering tab to stat the swap out process.

https://www.cisco.com/c/en/us/support/web/clock-signal.html

 

Also note that a SmartNet 8x5xNBD would be considerably cheaper than buying a whole new piece of kit ... although Cisco don't swap out devices that have not failed under SmartNet - even with SmartNet you have to use the clock sync program URL I have given above.

 

Now to your specific questions, yes 100% you can block Internet access from some specific VLANs to the Internet.  Specifically you would create a group policy with whatever access you want, and then apply that to the VLAN.

https://documentation.meraki.com/MR/Group_Policies_and_Blacklisting/Creating_and_Applying_Group_Poli...

 

Also note that the MX is a security appliance first, while the 4331 is a router first - and as a result the 4331 can do a lot of things that an MX can not do, such as vrf, bgp, eigrp, etc.  Make sure the 4331 is only doing basic static routing and only with access control lists.

Also make sure you buy the advanced security licence for the MX.

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Nov 30 2017 11:36 AM
‎Nov 30 2017 11:36 AM

Why don't you get your customer to use the Meraki "Try and Buy" program" before purchase.  Then no one will get caught out.

https://meraki.cisco.com/form/trial

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2025 Cisco Systems, Inc.