WAN2 is feeded with LTE connection with a private dynamic IP

SOLVED
Senan_Rogers
Getting noticed

WAN2 is feeded with LTE connection with a private dynamic IP

Hello Team,

 

+ I have an HQ ( Hub ) MX 84  which is using WAN1 as a Public IP in WAN1 .

+ I have 5 sites  MX65 ( Spokes) have WAN1 (Public IP) connected to ISP1 ( cable connection 100Mbps)  and WAN2  connected to ISP2 as a Backup, those sites are all connected as auto VPN with the Hub.

 

+ Those Spokes will be using WAN2 as LTE connection with a private dynamic IP as a Backup/failover when the Primary WAN1 will be down.

 

My Questions:- 

 

1) Meraki can or cannot support double NAT if we use an LTE connection with a private dynamic IP? 

2) any issues with the auto vpn when it will failover to wan2 which is using LTE connection with Private dynamic IP ?

 

Any Advice? 

 

Thank you 

 

 

1 ACCEPTED SOLUTION
PhilipDAth
Kind of a big deal
Kind of a big deal

1. This is not double NAT.  You are getting a private IP from the 4G carrier which they then NAT into a public pool.  Meraki supports this.

 

2. No issues.  I use this configuration a lot with clients.

View solution in original post

4 REPLIES 4
PhilipDAth
Kind of a big deal
Kind of a big deal

1. This is not double NAT.  You are getting a private IP from the 4G carrier which they then NAT into a public pool.  Meraki supports this.

 

2. No issues.  I use this configuration a lot with clients.

Hi Philip, 

What settings are you putting into your 4G router? are you just DMZ to the local address of the MX? or forwarding individual ports to the MX

Neither.  Just plug it in.

when I just "plug it in" I get a local IP address assigned off the DHCP server on the Teltonika 4G router. The Meraki dashboard does not show the external address only the local address. The VPN services do not work as I assume are double NAT. 

 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels