add new security appliance to the existing network

SOLVED
imovaffagh
Conversationalist

add new security appliance to the existing network

Hello Dears,

I have a Meraki network with SWs, APs, and also my security appliance is MX250.

I also have purchase MX67 and now want to use it in the branch office and connect it via site-to-site VPN.

Now I cannot add the MX67 to my existing network and as I create a new network it gets me a license warning.

I do have MX advanced security enabled for my network, but they are not enabled on the MX67 license.

I would like to know if it is possible to use combine networks and use the same License for the main and branch office, or I have to buy a new MX advanced security License?

 

Thank you

1 ACCEPTED SOLUTION

Accepted Solutions
Bruce
Kind of a big deal

Re: add new security appliance to the existing network

Hi @imovaffagh, each MX device needs its own license, and all MX devices in the organisation need to be on the same license ‘level’. Since your MX250 is using Advanced Security you will need to purchase an Advanced Security license for the MX67 too.

View solution in original post

6 REPLIES 6
Bruce
Kind of a big deal

Re: add new security appliance to the existing network

Hi @imovaffagh, each MX device needs its own license, and all MX devices in the organisation need to be on the same license ‘level’. Since your MX250 is using Advanced Security you will need to purchase an Advanced Security license for the MX67 too.

View solution in original post

imovaffagh
Conversationalist

Re: add new security appliance to the existing network

Thank you very much for the feedback.

Bruce
Kind of a big deal

Re: add new security appliance to the existing network

Just as a FYI too. You can only have one MX per Meraki Dashboard network (two if you are running an active/standby pair), so in the scenario you describe you’ll create the new Branch network (as it sounds like you have) and configure AutoVPN between the Branch network and the Head Office network.

imovaffagh
Conversationalist

Re: add new security appliance to the existing network

I have checked the quotations again and found out that MX67 came with "Meraki MX67W Enterprise License and Support" license.

Now still, if I wanted to have an MX67 connected from branch to MX250 (equipped with Advanced security Lic) in the HQ through VPN,  should I purchase new MX67 Advanced security Lic?

Bruce
Kind of a big deal

Re: add new security appliance to the existing network

Yes, I would suggest that you want to have the same licenses so that you can use AutoVPN to set-up your site-to-site VPN. It will make your life much quicker and easier and is the beauty of the Meraki solution. You will probably want the Advanced Security license at the Branch site so that you get features such as IDS/IPS, AMP file scanning, and content filtering for direct internet access too.

 

If the MX67 and Enterprise License were a recent purchase then you should talk to the reseller and see if they can RMA the Enterprise License so that you can purchase the Advanced Security one.

cmr
Kind of a big deal
Kind of a big deal

Re: add new security appliance to the existing network

@imovaffagh the alternative is to ask support to convert the MX67 enterprise license to advanced, this will simply halve the license term.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.