Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

vMX Interfaces Question

Solved
NewMerakiGuy
Comes here often
‎Mar 24 2024 2:27 PM
‎Mar 24 2024 2:27 PM

vMX Interfaces Question

I installed new vMX on the AWS cloud environment. I'm trying to add second interface for the LAN network to connect a pc behind the firewall (as a LAN)  but I don't see any option so far to add second interface via AWS and I see only "Internet" port in the Dashboard.

 

Is it possible to have two interfaces on vMX ? if yes, please can you guide me to the instructions

 

Labels:
0 Kudos
Subscribe
1 Accepted Solution
In response to NewMerakiGuy
MyHomeNWLab
A model citizen
‎Mar 25 2024 9:08 AM
‎Mar 25 2024 9:08 AM

vMX only recognizes port for Internet port even if multiple vNICs are added.

Therefore, regardless of the mode, the NIC cannot be divided into Internet-side and LAN-side roles.

Even in limited NAT mode, all traffic is communicated through the Internet port.

View solution in original post

Subscribe
8 Replies 8
ww
Kind of a big deal
Kind of a big deal
‎Mar 24 2024 3:01 PM
‎Mar 24 2024 3:01 PM

Is it running in nat mode?

https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Amazon_Web_Services_(...

Subscribe
In response to ww
NewMerakiGuy
Comes here often
‎Mar 24 2024 3:07 PM
‎Mar 24 2024 3:07 PM

Yes.

0 Kudos
Subscribe
In response to NewMerakiGuy
ww
Kind of a big deal
Kind of a big deal
‎Mar 24 2024 3:59 PM
‎Mar 24 2024 3:59 PM

I never used it, but this doc states its currently just 1 interface

https://documentation.meraki.com/MX/Other_Topics/vMX_NAT_Mode_Use_Cases_and_FAQ#FAQs

Subscribe
MyHomeNWLab
A model citizen
‎Mar 24 2024 4:47 PM
‎Mar 24 2024 4:47 PM

vMX can only have one NIC regardless of the mode.

Subscribe
In response to MyHomeNWLab
NewMerakiGuy
Comes here often
‎Mar 25 2024 6:17 AM
‎Mar 25 2024 6:17 AM

@MyHomeNWLab  thanks for the feedback. So, the vMX capabilities are limited and it is not supporting standard firewall traffic inspection ?

0 Kudos
Subscribe
In response to NewMerakiGuy
MyHomeNWLab
A model citizen
‎Mar 25 2024 8:04 AM
‎Mar 25 2024 8:04 AM

First of all, you are selecting Limited NAT Mode.

The Limited NAT Mode (NAT Mode of vMX) comes with restrictions, as the name suggests.
For example, redundancy with DC-DC failover is not supported.

The One-Armed Concentrator does not have that restriction.

If we had no particular reason, we would choose the One-Armed Concentrator.


Instead of focusing on individual functional aspects, you might want to talk about what you want to do.

If we don't know what you want, we don't know if it is the right mode choice, or if Meraki should be chosen in the first place.

0 Kudos
Subscribe
In response to MyHomeNWLab
NewMerakiGuy
Comes here often
‎Mar 25 2024 8:31 AM
‎Mar 25 2024 8:31 AM

Hey @MyHomeNWLab  I just need to add additional interface for the LAN (internal network) on the vMX, but based what I see and what you mentioned, the vMX is supporting only one interface (Internet) and that's indicating the vMX is not supporting that, right ?

 

Also, within the AWS vMX setup, it is required the Private IP, therefore the Internet Interface has both Private and Public IPs.

0 Kudos
Subscribe
In response to NewMerakiGuy
MyHomeNWLab
A model citizen
‎Mar 25 2024 9:08 AM
‎Mar 25 2024 9:08 AM

vMX only recognizes port for Internet port even if multiple vNICs are added.

Therefore, regardless of the mode, the NIC cannot be divided into Internet-side and LAN-side roles.

Even in limited NAT mode, all traffic is communicated through the Internet port.

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.