Meraki

Community

Single WAN , 2 MX's ?!

Solved
ahmadtat
Getting noticed
‎Dec 4 2017 1:02 AM
‎Dec 4 2017 1:02 AM

Single WAN , 2 MX's ?!

Hi,

 

We have a client who has a single internet connection (single UTP cable) with a single Public IP address that he's using to access some servers and services from outside (using port forwarding).

Any suggestions on how to setup 2 MX's in HA mode (hot stand-by) ? to accomplish Hardware failure availability ..

 

I know we can not use the same public IP address on both MX's at  the same time,, and using a device to terminate the ISP link first then NAT the traffic through it will cause a lot of problems for port forwarding requirements. (not to mention Auto-VPN).

 

Any recommendations?

 

0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Dec 4 2017 10:17 AM
‎Dec 4 2017 10:17 AM

The easiest way is to get a cheap backup connection (or a 4G hot spot with Ethernet ports) and plug WAN2 of each MX into this backup circuit.  This keeps both units online and their configs and firmware up to date.

 

Then on primary circuit failure you move the cable from WAN1 on the first MX to the second MX.

View solution in original post

0 Kudos
5 Replies 5
Chris_M
Getting noticed
‎Dec 4 2017 8:16 AM
‎Dec 4 2017 8:16 AM

You can use a small switch in between the provider's equipment and your 2 MX. Assuming you get a /29 or higher block of public IP address, you can then set each MX on its own ip addressing and connect to the ISP that has only one link.

 

No need for port forwarding or other setup since the switch is unmanaged.


Find my post helpful? Please give me a kudo!
CCNP Certified and Meraki Operator
0 Kudos
In response to Chris_M
ahmadtat
Getting noticed
‎Dec 4 2017 9:49 PM
‎Dec 4 2017 9:49 PM

@Chris_M

Unfortunately, the ISP provided only a single IP address (not two) , hence this way will not work.

 

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Dec 4 2017 10:17 AM
‎Dec 4 2017 10:17 AM

The easiest way is to get a cheap backup connection (or a 4G hot spot with Ethernet ports) and plug WAN2 of each MX into this backup circuit.  This keeps both units online and their configs and firmware up to date.

 

Then on primary circuit failure you move the cable from WAN1 on the first MX to the second MX.

0 Kudos
In response to PhilipDAth
ahmadtat
Getting noticed
‎Dec 4 2017 9:52 PM
‎Dec 4 2017 9:52 PM

@PhilipDAth

so the physical failover will be the way to go?

No auto failover workaround in such scenarios?

0 Kudos
In response to ahmadtat
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Dec 4 2017 10:47 PM
‎Dec 4 2017 10:47 PM

Correct.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.