TCO for vMX100 in Azure

C3SGInc
Getting noticed

TCO for vMX100 in Azure

Working with a client that currently has some servers running in Azure.  We currently have a site to site VPN set up and working, but it is only between the main office and Azure, the remote locations cannot reach it.  They are wanting to change that by installing the vMX100 in their Azure instance.  While it is easy to understand the Meraki licensing cost for the vMX, we have no idea what to expect the Azure costs to be.  So, I am curious if anyone that has this set up can tell me what the licensing model is that they are using and what it is costing them monthly?  Of course this will ultimately depend on how much traffic is going through it, so if you can estimate that or describe how you are using it, it will really help us to understand the long terms costs.

 

Thanks

 

 

7 REPLIES 7
MRCUR
Kind of a big deal

We run two vMX's in Azure today. One is in East US and the other is in West US. 

 

Looking at last month for the West US location, here are the costs. We transferred 10.3TB of data through this vMX over the last 30 days according to Dashboard. 

 

vMX disk: $1.86

vMX VM (D2 v2 - set by Meraki): $108.49

Public IP: $2.89

 

 

MRCUR | CMNO #12
C3SGInc
Getting noticed

Thanks for the quick reply and the detailed information, very, very helpful.

Are you on a pay as you go plan or an EA agreement?

 

Thanks again, I have reached out to every internal Meraki person I know and none have been able to shed any light on the subject.

MRCUR
Kind of a big deal

We use an EA agreement with a yearly monetary commitment. 

 

The vMX we run in East US I did a reserved instance for the VM portion so we just pay for the OS disk and public IP each month on that. 

MRCUR | CMNO #12
EvanM
Conversationalist

@MRCUR 

 

Old post here, but hoping you see the reply.  wanted to see if you are still running vMX in Azure and what current base costs are like? 

 

Can vMX in Azure be used in conjunction with Azure VPN Gateway to send traffic out to a non-Meraki VPN endpoint connected to Azure? Idea here would be MX/Z devices would AutoVPN to vMX in Azure and then  it would route over VPN using Azure VPN Gateway out of Azure to a non-Meraki device in a 3rd party datacenter.

 

 

C3SGInc
Getting noticed

I don't see why it wouldn't.  You can add a non-meraki VPN peer to the vMX, define the remote subnets and the routing should take care of itself.  I believe you could also setup OSPF to assist, but not certain how that works with non-meraki VPN's.

 

FYI, for us, the vMX solution has been very solid.  Haven't done much with it as it pretty much manages itself.  With 30+ endpoints and growing on our VPN, it makes adding locations transparent.

EvanM
Conversationalist

Terminaing the non-Meraki VPN on peer on the vMX won't work based on my current experience, which is why I am asking about Azure VPN Gateway in the mix.

 

Right now I am using hub/spoke with my remote offices/teleworkers (MX/Z-spokes) connecting to my corporate office (MX-hub).  At corporate I have a Fortigate firewall making a VPN tunnel to a 3rd party datacenter. I had do to it this way because non-meraki VPN routes are not advertised through Auto VPN and some of my spokes are dynamic IP or behind NAT devices, so I have no way to terminate the non-Meraki VPN tunnel directly to all my spokes.


Thus, all my spokes route through corporate hub then hop over to FortiGate firewall to get out that 3rd party datacenter over VPN.  I'd like to eliminate having to route the spokes through corporate hub, and was thinking of vMX in Azure.

MRCUR
Kind of a big deal

@EvanM Yes, we still run the two vMX appliances that I referenced earlier. Current costs are in line with what I posted previously. They just work for us which has been great. Essentially no maintenance other than updating the Azure VPN subnet list when we've added additional subnets at other sites. 

MRCUR | CMNO #12
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels