Meraki

mscotto · ‎Jan 20 2021

Hi All,

Does anyone know if it is possible to do eBGP on two MX 250's with both my ISP's? My ISP's said it is possible if I have the right gear. I want to know if I need to throw in a Cisco ISR to sit in front of the MX in order to do this or I can do it straight from the MX's (preferred way). I assume if so I would need to throw them in one arm concentrator mode? I currently have my MX in routed mode so if I move this to VPN concentrator (if this is the way to do it) how will this change my current routing setup? Thanks!

Bruce · ‎Jan 20 2021

The BGP implementation on the Meraki MX devices is intended to peer with a Data Centre core for the headend of an SD-WAN solution. Its not intended for ISP peering. The scenario is that SD-WAN can run iBGP across it as a single autonomous system to exchange routes, and then you use eBGP to the data centre (with the MX in VPN concentrator mode) to exchange routes into the network.

AndreaWimsatt · ‎Jan 20 2021

We have just implemented our MX450s at the data center in vpn concentrator mode. However, when you take it out of routed mode, you will require a firewall in front of the Mx to set on the edge for your firewall. We used a couple of firepower’s ASAs, and a Cisco ISR router to take care of the eBGP for the moment. We are waiting on our core switches to come in and should be able to remove the ISR router since the switches can do layer 3. Gonna have a WAN switch and 2 core switches. The fire powers are Natting to the MXs for both wan connections to one interface. Kinda weird to me, cuz I am used to the MXs living on the edge.. tomorrow we are gonna make some adjustments to the BGP to see if we can do full blown BGP now that the MXs are in concentrator mode. I hope this helps. I didn’t really answer your question, however this is the first time I have done this particular setup!! Pretty exciting. I can give you an update after tomorrow if you would like. (I set up a hot spare pair in vpn concentrator mode and named the primary Pete and the secondary Repeat lol 😂).

mscotto · ‎Jan 28 2021

Hi Thanks this is very helpful! I was wondering if I put my MX's in concentrator mode how I would take care of the routing aspect this clears that up!