vMX100 in Azure - Change Dynamic to Static public IP

AwM1ng
Here to help

vMX100 in Azure - Change Dynamic to Static public IP

Hello,

 

Once you deploy a vMX 100 to Azure, I am aware it deploys it to a Locked Resource Group.

 

However the Public IP it assigns to the vMX is Dynamic, meaning if the device is ever rebooted in Azure it will change the Public IP.

 

I have not found a way to make this static.

 

I want to make it static due to the amount of VPN's now configured to go to it.

 

Has anyone come across this as a problem or has been able to unlock the resource group to change the IP to Static?

9 REPLIES 9
NolanHerring
Kind of a big deal

Might want to consider using DDNS instead of IP address since its dynamic.

https://documentation.meraki.com/MX/Other_Topics/Dynamic_DNS_(DDNS)

Nolan Herring | nolanwifi.com
TwitterLinkedIn
AwM1ng
Here to help

@NolanHerring- Thanks Nolan,

 

vMX doesn't have Security Appliance > Configure > Addressing & VLANs.So unable to set Dynamic DNS.


I wonder if setting a subdomain of the client's main domain to point to the IP of the vMX in Azure may be a way to go - but not entirely sure. Will test it out.

@PhilipDAth- Thanks Philip,

 

In Azure the resource group where the IP is located is locked - and I am unable to remove the lock to set the IP to static.

 

-----------------------

 

Seems the vMX is stripped back version of physical MX and a lot of the functionality is not available in the vMX.

 

 

Any solution for this?

My requirement is to setup client to site vpn on vMX Azure with a fixed public ip.

 

Our Azure team told me that fixed public ip can't be applied to vMX instance duo to Azure limitation.

Note that you can't stop the VMX in Azure - because the resource group does not give you permission to do this.  The IP address can only change during a start/stop, consequently the IP address can't change.

@PhilipDAth 

 

Need your expert advice on Meraki vMX.

 

I had vMx running on old azure subscription and everything was Ok from Azure and meraki daskboard, due to some reason i need to shutdown my old azure subscription so i deleted vmx from old azure and created on new Azure CSP subscription.

 

now i can see everything is fine on azure side, i can see public n static ip also in azure and can ping public Ip from internet, but i m not getting IP and sysn with meraki dashboard.

 

Please help and suggest?

PhilipDAth
Kind of a big deal
Kind of a big deal

You'll need to contact support.  When you move it like that they usually need to reset something on the back end to allow the licence to be used again.

@PhilipDAth  Thanks.

 

one more thing..

 

Do i need to allow UDP500 UDP/4500 and IP 50 (ESP) under meraki vMX dashboard?

 

or in Azure, if yes, where exactly in Azure?

PhilipDAth
Kind of a big deal
Kind of a big deal

I don't remember clearly now.  I don't think you need to change anything for AutoVPN to work.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels