Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Upgrading MX Firewall To New Firewall

jamesb33
Here to help
‎Mar 10 2023 2:12 PM
‎Mar 10 2023 2:12 PM

Upgrading MX Firewall To New Firewall

Hi I'm not sure if this is the right place

 

We currently have an MX-67 i'm needing to upgrade our firewall to 8 ports intead of 4 

 

Or can I extend the firewall if i'm needing more ports for our Switches? 

 

I'm needing up to 6/7 ports so an 8 Port MX Firewall would be ideal 

 

Also how do I migrate the existing settings from our MX67 to the new MX we purchase?

 

Thank you,

James

Labels:
0 Kudos
Subscribe
11 Replies 11
Brash
Kind of a big deal
Kind of a big deal
‎Mar 10 2023 2:23 PM
‎Mar 10 2023 2:23 PM

For 8 lan ports you'll need and MX68/W/CW or 75

For migrating to a different model, you can follow the below doc

https://documentation.meraki.com/MX/Other_Topics/MX_Cold_Swap_Replacing_an_Existing_MX_with_a_Differ...

Subscribe
KarstenI
Kind of a big deal
Kind of a big deal
‎Mar 11 2023 3:18 AM
‎Mar 11 2023 3:18 AM

The main question is why do you need more ports on the firewall? I assume that you connect your devices directly to the firewall and now have more than four devices. An MS120-8 is the device that I would use in this situation.

Subscribe
GIdenJoe
Kind of a big deal
Kind of a big deal
‎Mar 12 2023 4:12 AM
‎Mar 12 2023 4:12 AM

The only use case you have is when you have a very small environment without switches where you have a few endpoints that need connection.

 

For all other use cases, only connect each firewall with two ports downstream and use switches for more connectivity.

Subscribe
In response to GIdenJoe
jamesb33
Here to help
‎Mar 13 2023 11:19 AM
‎Mar 13 2023 11:19 AM

So right now I have 1 MX67 and 6 Switches


We only only have 4 ports on the back of the firewall and I need each switch to be connected to the back of the firewall so this leaves me with only 2 ports needed. 

Is there a way that I don't need to use all the Ports on the back of the firewall and just daisy chain the connection to each switch? 

I hope that makes sense

0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 12 2023 12:56 PM
‎Mar 12 2023 12:56 PM

>Or can I extend the firewall if i'm needing more ports for our Switches? 

 

I'm confused by this bit.  Have you already got network switches?  Are they short on ports?

 

Or have you got a bunch of network switches, and you plug them directly into the MX?  If this is the case, I would nominate one of those switches to be the "core" switch, and plug all the other switches into that switch.  Then you'll only need a single port on the MX67.

Subscribe
In response to PhilipDAth
jamesb33
Here to help
‎Mar 13 2023 11:20 AM
‎Mar 13 2023 11:20 AM

So right now I have 1 MX67 and 2 meraki switches and 4 offbrand Switches


We only only have 4 ports on the back of the MX firewall and I need each switch to be connected to the back of the firewall so this leaves me with only 2 ports needed. 

Is there a way that I don't need to use all the Ports on the back of the firewall and just daisy chain the connection to each switch? 

I hope that makes sense

0 Kudos
Subscribe
In response to jamesb33
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 13 2023 11:50 AM
‎Mar 13 2023 11:50 AM

>Is there a way that I don't need to use all the Ports on the back of the firewall and just daisy chain the connection to each switch? 

 

Nominate one switch to be the core switch.  Only plug that switch into the MX.  Plug all other switches into the core switch.

Subscribe
In response to PhilipDAth
jamesb33
Here to help
‎Mar 13 2023 11:52 AM
‎Mar 13 2023 11:52 AM

So what you are saying is connect the firewall into switch 1 

 

Then all other switches go into switch 1 ? Correct


Do i need to do any configure in the MX firewall to set this?

 

Thank you, 

0 Kudos
Subscribe
In response to jamesb33
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 13 2023 12:00 PM
‎Mar 13 2023 12:00 PM

Correct.  You are not likely to need to make any changes on the MX.

0 Kudos
Subscribe
In response to PhilipDAth
jamesb33
Here to help
‎Mar 13 2023 1:51 PM
‎Mar 13 2023 1:51 PM

So i found our our switches are the MS-220-48LP model and are not layer 3 based which I believes carries down the information right?

0 Kudos
Subscribe
In response to jamesb33
Mike6116
Getting noticed
‎Mar 14 2023 5:03 PM
‎Mar 14 2023 5:03 PM

Yo will have the same functionality and performance  if you nominate 1 sw as the core  and then connect other sw to the core sw,   also you can daisy chain the switches and you will have good performance as they will run in a 1gig speed between them, you can make some Vlan arrange for the swithces to have a different ip for managment also

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.