Meraki

Community

Using configuration from a 1921 router to configure an MX84 SDWAN

Solved
mcoomber
Getting noticed
‎Mar 18 2024 6:59 AM
‎Mar 18 2024 6:59 AM

Using configuration from a 1921 router to configure an MX84 SDWAN

I've got a Cisco 1921 Series router and an SDWAN within my network. 

The link from the service provider connects to the 1921 Series router and the router connects the SDWAN.

 

I want to take the 1921 router off the network. 

Before doing so I want

  1. Can the configuration in the router be configured in the SDWAN
  2. Below is the configuration from the router. How can this be translated to the routing config in the SDWAN. 

The aim to have the connection from the ISP directly connected to the SDWAN since its already configured as the default gateway and Firewall. 

 

Thanks

 

x.x.x.x 255.255.255.248
 
 
 
interface GigabitEthernet0/1
 ip address x.x.x.x 255.255.255.248
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
!
interface GigabitEthernet0/2
 ip address x.x.x.x 255.255.255.252
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
 
!
ip tftp source-interface GigabitEthernet0/0.5
ip nat pool Pool-NAT-ISP1 x.x.x.x x.x.x.x netmask 255.255.255.252
ip nat pool Pool-NAT-ISP2 x.x.x.x x.x.x.x netmask 255.255.255.252
ip nat source static x.x.x.x x.x.x.x
ip nat inside source route-map ISP1 pool Pool-NAT-ISP1 overload
ip nat inside source route-map ISP2 pool Pool-NAT-ISP2 overload
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 x.x.x.x track 1
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/2 x.x.x.x track 2
!
ip access-list extended Internet
 permit ip 172.16.0.0 0.0.1.255 any
 permit ip 192.168.20.0 0.0.0.255 any
ip access-list extended RTR-SIP-REG
 permit ip host 172.20.0.2 any
!
!
nls resp-timeout 1
cpd cr-id 1
route-map ISP2 permit 10
 match ip address Internet
 match interface GigabitEthernet0/2
!
route-map ISP1 permit 10
 match ip address Internet
 match interface GigabitEthernet0/1
!
no ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 x.x.x.x x.x.x.x track 1
ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 x.x.x.x track 1
 
no ip nat inside source route-map ISP1 pool Pool-NAT-ISP1 overload
no ip nat pool Pool-NAT-ISP1 x.x.x.x x.x.x.x netmask 255.255.255.252
ip nat pool Pool-NAT-ISP1 x.x.x.x x.x.x.x netmask 255.255.255.248
ip nat inside source route-map ISP1 pool Pool-NAT-ISP1 overload
Labels:
0 Kudos
1 Accepted Solution
In response to mcoomber
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 22 2024 6:31 AM
‎Mar 22 2024 6:31 AM

You just need to configure your WAN interfaces with the IP that the operator is providing you. And for each of your internal networks you need to create an SVI in the MX.
 
Ideally, you should send a simple topology to be more accurate.
 
Configuration on the MX is relatively simple, you don't need to create NAT or ACL for it to be able to communicate with the internet.
 
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

View solution in original post

0 Kudos
6 Replies 6
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 18 2024 8:26 AM
‎Mar 18 2024 8:26 AM

Most settings can be translated for use on the MX.

 

You will see that at Meraki things are simpler, for example you don't need to do an outbound NAT for the internet, just configure the interface with the IP provided by the operator and plug the cable into the wan and it will work.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
mcoomber
Getting noticed
‎Mar 22 2024 6:00 AM
‎Mar 22 2024 6:00 AM

I have configured interface GigabitEthernet0/1 on the router to Port 2 on Meraki and interface GigabitEthernet0/2 on the router to Port 1 on the Meraki. 

Without configuring NAT, do I need to configure the static routes and ACL? If so where in the Meraki do I do these configurations

 

Thanks for the support thus far.

0 Kudos
In response to mcoomber
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 22 2024 6:15 AM
‎Mar 22 2024 6:15 AM

It's a bit confusing what you want to do, can you illustrate it in a simple way?

https://documentation.meraki.com/MX/Networks_and_Routing/MX_Addressing_and_VLANs

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
mcoomber
Getting noticed
‎Mar 22 2024 6:25 AM
‎Mar 22 2024 6:25 AM

I just want to configure the present configuration in the router to the MX 84. 

So I want to know what configs in the router I need and which I can skip. Also which config Meraki corresponds with the config on the router. 

 

Thanks.

 

0 Kudos
In response to mcoomber
alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 22 2024 6:31 AM
‎Mar 22 2024 6:31 AM

You just need to configure your WAN interfaces with the IP that the operator is providing you. And for each of your internal networks you need to create an SVI in the MX.
 
Ideally, you should send a simple topology to be more accurate.
 
Configuration on the MX is relatively simple, you don't need to create NAT or ACL for it to be able to communicate with the internet.
 
I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
In response to alemabrahao
mcoomber
Getting noticed
‎Mar 22 2024 6:39 AM
‎Mar 22 2024 6:39 AM

Thanks very much for the support and guidance. Will revert to you tomorrow after configuration. 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.