WatchGuard to MX

tantony-ridge
Here to help

WatchGuard to MX

I used MX68 at my previous job, at my current job we're using WatchGuard Firebox.  When the time comes for renewal, I'm trying to convince my current company to switch from WatchGuad to MX.

 

Are there any improvements on using the AnyConnect VPN client?  My last job I used the native Windows 10 VPN client, and it worked for most part without issues, but I like to use AnyConnect.

 

Anyone here switched from WatchGuard to MX?  I like to hear your opinions.  From my experience with WatchGuard so far, it seem like it blocks everything by default, and you had to allow stuff to go through.

7 Replies 7
alemabrahao
Kind of a big deal
Kind of a big deal

Just check if all the settings you have in Watchgaurd are possible with MX (I believe so). I particularly already migrated and had no major problems, it's just a matter of "translating" the settings.

 

About anyconnect, I can say that it is definitely better than L2TP. Take a look at the documentation

 

 

https://documentation.meraki.com/MX/Client_VPN/AnyConnect_on_the_MX_Appliance

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
tantony-ridge
Here to help

@alemabrahao  so you switched from WatchGuard to MX?  Can I ask why?

So it looks like we can now use AnyConnect on MX.

 

It wasn't for anything technically specific, we needed to renew the licenses and install equipment with greater capacity so we opted to replace it with an MX instead of installing a new Watchguard.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

@alemabrahao ok, and you're using AnyConnect for VPN client?

Yep, one of the most significant advantages in my opinion is being able to filter the networks to which the client will have access and define a group policy.

 

 

alemabrahao_0-1669753211006.png

 

 

 

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
tantony-ridge
Here to help

Ok I guess MX being able to use AnyConnect for VPN might be something recent.  

  • Supported MX models: MX600, 450, 400, 250, 105, 100, 95, 85, 84, 75, 68(W,CW), 67(C,W), 65(W)*, 64(W)*, Z3(C), vMX

*MX65(W) and MX64(W) only supports AnyConnect when running on firmware 17.6+

Not supported: MX90, 80, 60, Z1 (The AnyConnect Settings page will not be visible on Dashboard for these models)

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Get notified when there are additional replies to this discussion.