Hi,
We have a case as below:
Head office has 4 internet connections, 2 of them are connected to the Meraki MX84 .
in other sites (5 other branches) has MX64 in each site with internet access.
we use SD_WAN features to connect all sites through Auto-VPN feature in Meraki MX devices.
in Head office, there is a very heavy usage for VPN to multiple sites for accessing specific DVR devices (all the time) in remote branches. which is consuming the internet bandwidth ..
So, the question is:
can we add another MX device in Head office and connect different internet connections to it so that this MX will be responsible to handle connections to those specific remote DVRs?
assuming that in this case, the same remote sites will be connected to 2 MX devices at the same time ..
can a network in Meraki dashboard handle 2 different MX devices connected to same branches and we do the routing to route traffic to the DVRs through one of them only? and remaining VPN traffic to go through the old Meraki device in HQ?
I hope I explained the scansion well..
appreciate your feedback.
Just put new MXs into a dedicated network, from there on you're able to do what you're describing. There can only be one MX (including its spare unit) at a time within a given network.
Thanks @CptnCrnch for your reply.
in your suggested scenario, do you think there will be a conflict in IP for LAN interface for the MX? since there will be the same subnets in 2 different Meraki networks..
appreciate your feedback.
You need to move your dvr subnet to the "new" location/network.
Create a new subnet and possibly transfer subnets for the nex MXs then. 😎
@ahmadtat wrote:
in your suggested scenario, do you think there will be a conflict in IP for LAN interface for the MX? since there will be the same subnets in 2 different Meraki networks..
Don't do that. It's a poor design. Create transit subnets between the MX's and route as needed between them.
The idea is to have a "new" subnet (VLAN) for your DVR's behind the "new" MX. Have your "original" subnet behind the "original" MX. And create a new "transit" VLAN that both MX's share. Then add routes in both MX's to allow the "original" subnet and the "new" subnet to speak with each other. These "static" routes will be preferred over the routes coming from the AutoVPN. The static routes would look as follows:
Like already mentioned before, these two MX's will need to be in different dashboard networks.