Updating MX - Connecting to Meraki Cloud first time

SOLVED
OSPF71
Here to help

Updating MX - Connecting to Meraki Cloud first time

We refreshed our entire network with all Meraki devices and the last piece of the puzzle is to replace the old Watchguard firewall with the new MX250. I am trying to minimize interruption to the network since we do have 24 hour operations that rely on email, etc. and have pre-configured all settings, routes, vlans, etc. from the current firewall to the MX. The MX has not been turned on since we started the project and probably has some firmware updates to download so I am wondering if I connect it to our secondary WAN connection would that be the best way to get the device up to date to ensure a quick transfer on the switch-over date?

1 ACCEPTED SOLUTION
MerakiDave
Meraki Employee
Meraki Employee

Sounds like you've got the right idea, I would certainly connect the MX250 on its WAN1 interface only, perhaps from a lab or staging VLAN, anywhere it can grab a DHCP address (unless you've already followed the procedure and it's got static settings on the WAN side already) so it can contact Dashboard and pull its firmware and configuration (and possibly reboot itself during that process).  This will certainly cut down on the actual cut-over time.  Don't know exactly what your Internet segment network design is, but perhaps there's a way to run the MX250 in parallel for a short time, so you can at least have whatever LAN interface(s) connected and verify reachability and routing table before disconnecting the old equipment.  

View solution in original post

1 REPLY 1
MerakiDave
Meraki Employee
Meraki Employee

Sounds like you've got the right idea, I would certainly connect the MX250 on its WAN1 interface only, perhaps from a lab or staging VLAN, anywhere it can grab a DHCP address (unless you've already followed the procedure and it's got static settings on the WAN side already) so it can contact Dashboard and pull its firmware and configuration (and possibly reboot itself during that process).  This will certainly cut down on the actual cut-over time.  Don't know exactly what your Internet segment network design is, but perhaps there's a way to run the MX250 in parallel for a short time, so you can at least have whatever LAN interface(s) connected and verify reachability and routing table before disconnecting the old equipment.  

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels