Meraki

MauroF

Hi all,

i have a network HUB & Spoke where i have a vMX in Azure and a private DNS also in Azure. I have an ENTERPRISE LICENSE)

If an user is connecting from a spoke....the flow should be as indicated here below:

+---------------------+
| PC VLAN 1001 |
+---------------------+
|
+---------------------+
| Spoke Meraki MX |
+---------------------+
|
==========VPN==========
|
+---------------------+
| Hub Meraki VMX/Azure|
+---------------------+
|
+---------------------+
| DNS VM (privato) |
+---------------------+
| |
[local] [pubblica]
| Forward
| |
[risponde] [Umbrella DNS Cloud]

So, the Private DNS is used for local services (servers in the cloud), while all other requests will be forwarded to Umbrella.

Now, since Umbrella will receive all DNS requests coming ONLY from the vMX public address in Azure, should I purchase just one license, or do I need to consider the number of users who will be using that DNS concurrently? Any idea on how this should be handled?

alemabrahao

You need to consider the number of users behind the vMX who are using Umbrella for DNS resolution.

Umbrella uses the concept of roaming clients, network devices, and virtual appliances to track and enforce licensing. Even if you're not deploying Umbrella agents on endpoints, Cisco expects you to license based on the actual number of users or endpoints protected.

FAQ: Umbrella Licensing and Account Provisioning - Cisco

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

alemabrahao