cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Two companies sharing 1 ISP - how to configure?

Highlighted
Here to help

Two companies sharing 1 ISP - how to configure?

I have two sister companies in the same building. Our ISP provided us two WAN IPs but the modem only has 1 uplink port.

 

We have a Meraki ms125 switch. What would be best practice for a setup like this:

 

1. Port 1 = WAN UPLINK from ISP

2. Port 2 = Internet 1 port on First MX

3. Port 3 = Internet 1 port on Second mX

4. Each MX internet port configured with the WAN IP from the ISP

 

In this setup, how would I have to create a VLAN on ports 1 2 and 3 on the switch? Trunk or access? Or would I only do access port on PORT 1, and then tag on the UPLINK port on the MX to use VLAN on that section?

3 REPLIES 3
Highlighted
Getting noticed

Re: Two companies sharing 1 ISP - how to configure?

You need to know whether the ISP is separating the IP addresses on different VLANs, if they are then you need to use VLANs, if they’re not then you won’t. If they are using VLANs then you’ll need a trunk on Port 1 that allows the VLANs that the ISP is providing, then you use access ports to the MXes, one acess port assigned to each VLAN. If the ISP isn’t using VLANs then you just use access ports - the VLAN for those access ports doesn’t matter so long as they are all the same.

Highlighted
Here to help

Re: Two companies sharing 1 ISP - how to configure?

Hey Bruce,

 

Thanks for this - I got it working how I originally suggested. I am about to call the ISP though but wanted to see if you or anyone thinks this is an issue. Now on the client list I see devices from the ISP, not sure what they are, looks like all their stuff and mostly public IP addresses. If I click on my port 1 on the switch and look at current clients there is a list that keeps changing with new IPs.

Highlighted
Head in the Cloud

Re: Two companies sharing 1 ISP - how to configure?

If the addressing of the ISP comes from the same pool then it's going to be a flat VLAN.

 

But I don't see any problem here.
Just define an external VLAN on the switch and put both MX'es and the ISP router on their own ACCESS ports on that VLAN.  Or if it's tagged, then TRUNK but only allow the external VLAN.
Then make sure your switch if it is also serving internal clients all trunks towards other switches DO NOT allow the external VLAN across them.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.