Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Statis IP on Wan Port

Solved
GarageLand42
Conversationalist
‎Mar 30 2023 11:32 AM
‎Mar 30 2023 11:32 AM

Statis IP on Wan Port

 

Our MX WAN 1 port currently has a /29 subnet mask, and is using one of the IP's.

It is running the VLAN and DHCP for our internal network. I need to statically assign 1 of the available numbers from the WAN  side so I can hook up one an internet facing server.    The server cannot have access access to our internet network.  Is this possible ?  I wanna place a small switch bewtween the ISP and the MX, and connect my statically assign IP address server to that. switch.  

 

Existing

 

 

DGA.jpg

 

Proposed

 

DGA2.jpg

Or is there a better way.

 

0 Kudos
Subscribe
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 30 2023 12:26 PM
‎Mar 30 2023 12:26 PM

Yes that would work.

 

To build on @BlakeRichardson's response, you could create a DMZ behind the MX.  Create a firewall rule so it can not talk to the internal network, and then just NAT one of the static IP addresses through to it.

 

Or - host it in a public cloud provider like Amazon AWS.

View solution in original post

Subscribe
2 Replies 2
BlakeRichardson
Kind of a big deal
Kind of a big deal
‎Mar 30 2023 12:02 PM
‎Mar 30 2023 12:02 PM

What you propose is not very secure at all. Why not put the server on its own VLAN so that you can enable external access to it while keeping it segregated from your main LAN.

btr.net.nz
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 30 2023 12:26 PM
‎Mar 30 2023 12:26 PM

Yes that would work.

 

To build on @BlakeRichardson's response, you could create a DMZ behind the MX.  Create a firewall rule so it can not talk to the internal network, and then just NAT one of the static IP addresses through to it.

 

Or - host it in a public cloud provider like Amazon AWS.

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.