Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

vMX in Azure

AM1065
New here
‎Jul 5 2022 5:08 AM
‎Jul 5 2022 5:08 AM

vMX in Azure

Good Afternoon,

 

We have client with an Azure tenant running a few IaaS services generally on Microsoft Windows VMs.

 

The Azure tenant is across three regions - West Europe, Central US & Australia East.

 

We would like to propose a vMX appliance to act as a perimeter Layer 7 firewall which will allow for site to site VPNs between the client's geo-located offices and this vMX appliance. Client VPN is also a requirement.

 

Currently the client has physical offices in London (most of the users are based here) with smaller offices in Colombia, LA, Melbourne, Sydney, New York.

 

We are trying to understand if

 

a) we need to have SD-WAN in place to accomplish this design,

b) we need to have a vMX appliance for each Azure region or will a single vMX appliance suffice

c) How can we achieve HA in this design if there is only one vMX appliance.

 

Any help will be appreciated.

 

Many thanks

 

 

Labels:
0 Kudos
Subscribe
3 Replies 3
AsangaB
Comes here often
‎Jul 5 2022 9:28 AM
‎Jul 5 2022 9:28 AM

I found this document useful for me. Hope it helps you to get your network designed.

Deploying Highly Available vMX in Azure

https://documentation.meraki.com/MX/Other_Topics/Deploying_Highly_Available_vMX_in_Azure

 

 

0 Kudos
Subscribe
AM1065
New here
‎Jul 5 2022 9:42 AM
‎Jul 5 2022 9:42 AM

Thank you @AsangaB - that is very useful. The issue we have though is we will not be able to use Layer 7 Firewall Capabilities as after posting my question, I went through a few more posts and speaking to our Meraki Rep, their appears to be no ETA for the same at the moment. So we will have to abandon this for now.

Subscribe
AsangaB
Comes here often
‎Jul 5 2022 12:22 PM
‎Jul 5 2022 12:22 PM

Integrating cisco Umbrella would get you what you need for L7 firewall capability.

However, I have not tested it yet, after creating a group policy you will see the L7 firewall option on the vMX side. Also, in the cisco Umbrella side for more DNS level security options.

 

Cisco Umbrella Policy option:

AsangaB_0-1657048225219.png

 

Cisco Meraki vMX Group Policy option.

AsangaB_1-1657048301231.png

 

Using the Cisco Umbrella would get you what you need for L7 security. It is worth trying/testing, ask for a trial account.

 

 

 

 

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.