multiple MX devices in one site?!

ahmadtat
Getting noticed

multiple MX devices in one site?!

Hi,

We have a case as below:

Head office has 4 internet connections, 2 of them are connected to the Meraki MX84 .

in other sites (5 other branches) has MX64 in each site with internet access.

we use SD_WAN features to connect all sites through Auto-VPN feature in Meraki MX devices.

 

in Head office, there is a very heavy usage for VPN to multiple sites for accessing specific DVR devices (all the time) in remote branches. which is consuming the internet bandwidth ..

 

So, the question is:

can we add another MX device in Head office and connect different internet connections to it so that this MX will be responsible to handle connections to those specific remote DVRs?

assuming that in this case, the same remote sites will be connected to 2 MX devices at the same time ..

can a network in Meraki dashboard handle 2 different MX devices connected to same branches and we do the routing to route traffic to the DVRs through one of them only? and remaining VPN traffic to go through the old Meraki device in HQ?

 

I hope I explained the scansion well.. 

 

appreciate your feedback. 

7 Replies 7
CptnCrnch
Kind of a big deal
Kind of a big deal

Just put new MXs into a dedicated network, from there on you're able to do what you're describing. There can only be one MX (including its spare unit) at a time within a given network.

ahmadtat
Getting noticed

Thanks @CptnCrnch  for your reply.

in your suggested scenario, do you think there will be a conflict in IP for LAN interface for the MX? since there will be the same subnets in 2 different Meraki networks..

 

appreciate your feedback.

ww
Kind of a big deal
Kind of a big deal

You need to move  your  dvr  subnet  to the "new" location/network. 

 

CptnCrnch
Kind of a big deal
Kind of a big deal

Create a new subnet and possibly transfer subnets for the nex MXs then. 😎

jdsilva
Kind of a big deal


@ahmadtat wrote:

 

in your suggested scenario, do you think there will be a conflict in IP for LAN interface for the MX? since there will be the same subnets in 2 different Meraki networks..

 


Don't do that. It's a poor design. Create transit subnets between the MX's and route as needed between them. 

ahmadtat
Getting noticed

Can you please share more details on the transit subnets design you are suggesting?
BrechtSchamp
Kind of a big deal

The idea is to have a "new" subnet (VLAN) for your DVR's behind the "new" MX. Have your "original" subnet behind the "original" MX. And create a new "transit" VLAN that both MX's share. Then add routes in both MX's to allow the "original" subnet and the "new" subnet to speak with each other. These "static" routes will be preferred over the routes coming from the AutoVPN. The static routes would look as follows:

  • In the new MX: route to "original" subnet via the "original" MX's transit VLAN IP.
  • In the original MX: route to "new" subnet via the "new" MX's transit VLAN IP.

Like already mentioned before, these two MX's will need to be in different dashboard networks.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels