cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

multi subnet NAT on MX100

Highlighted
New here

multi subnet NAT on MX100

Hi,

Can meraki do muliple subnet NATing ?  in other words can it do this - https://www.tp-link.com/us/faq-887.html ?

 

my setup is:

 

2960 --- MX100 --- Internet

 

2960 has multiple VLAN svi X, Y, Z etc.  only the native VLAN subnet - X has internet, others don't.

 

on meraki i have LAN port configured as trunk to 2960 with subnet X as the native vlan.  also added static route on MX for each of subnet Y, Z etc with next-hop of 2960 X subnet ip

7 REPLIES 7
Highlighted
Kind of a big deal
Kind of a big deal

Re: multi subnet NAT on MX100

yes, and you don't need a layer3 switch to use multiple subnets. a MX + layer2 switches is enough.

 

https://documentation.meraki.com/zGeneral_Administration/Tools_and_Troubleshooting/Networking_fundam...

Highlighted
Kind of a big deal

Re: multi subnet NAT on MX100

What specifically are you trying to accomplish/NAT?

Adam R MS | CISSP, CISM, VCP, MCITP, CCNP, ITILv3, CMNO
If this was helpful click the Kudo button below
If my reply solved your issue, please mark it as a solution.
Highlighted
New here

Re: multi subnet NAT on MX100

ability to NAT subnets Y,Z

Highlighted
New here

Re: multi subnet NAT on MX100

thanks but this is router-on-a-stick setup....my L3 sw does the inter-vlan routing.  All i want is the non-manage/non-native vlans to be able to NAT using the same MX internet uplink

Highlighted
Kind of a big deal

Re: multi subnet NAT on MX100

As long as your 2960 switch has a static default route to the MX and the MX has static routes back to the 2960 subnets, this will work fine. You can leave the MX in the default "single LAN/no VLAN" mode when doing this setup. 

 

All of the 2960 subnets will be NAT'd the MX's WAN IP. 

MRCUR | CMNO #12
Highlighted
New here

Re: multi subnet NAT on MX100

ok, if i disable routing and use "single LAN", would the LAN port (under 'Per-port VLAN) be set as "access" port towards 2960 sw port ?

Highlighted
Kind of a big deal

Re: multi subnet NAT on MX100

Single LAN does not disable routing on the MX. You'll still need to define an appropriate subnet for the single LAN so there is connectivity between the MX and 2960. I typically set up a /30 for this since it's just a point to point connection. 

 

You can leave the MX LAN port as an access port though. 

MRCUR | CMNO #12
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.