cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

2 MXs with multple VLANs

SOLVED
Go to solution
Aztec_Ninja
Getting noticed
‎09-06-2023 09:12 AM
‎09-06-2023 09:12 AM

2 MXs with multple VLANs

Hello

We have TWO MXs configured with multiple VLANs.  I need to a device to access device across the MXs.  Is this possible without adding the VLAN to each MX?  Sorry if this is confusing or I am not explaining properly, but I am attaching a diagram to help.  Thank you for your help. 

 

Aztec_Ninja_0-1694016727089.png

 

0 Kudos
Subscribe
1 ACCEPTED SOLUTION
In response to Aztec_Ninja
alemabrahao
Kind of a big deal
Kind of a big deal
‎09-06-2023 11:38 AM
‎09-06-2023 11:38 AM

No, the subnet must be the one you want to access from the peer side.

Like the image I sent, if on the MX1 you want to reach the 100.x.x.x network that is on the Mx2 then your route has to be as follows.

Subnet 100.x.x.x/24 (just an example) next hop 172.16.1.2 (MX2 interface IP).

View solution in original post

0 Kudos
Subscribe
11 REPLIES 11
alemabrahao
Kind of a big deal
Kind of a big deal
‎09-06-2023 09:20 AM
‎09-06-2023 09:20 AM

You need to add routes on each MX, but for that each MX needs to be on a link VLAN to be able to point the next hop.

So you can create vlan 999 (for example) with a /30 address on each MX and then just add the static routes.

 

alemabrahao_0-1694017158816.png

 

Or just configure  SD-WAN.

 

0 Kudos
Subscribe
In response to alemabrahao
alemabrahao
Kind of a big deal
Kind of a big deal
‎09-06-2023 09:24 AM
‎09-06-2023 09:24 AM

If you consider using SD-WAN (in my opinion it's the best way) don't forget that one of the MXes must be the HUB.

 

https://documentation.meraki.com/Architectures_and_Best_Practices/Cisco_Meraki_Best_Practice_Design/...

0 Kudos
Subscribe
In response to alemabrahao
ww
Kind of a big deal
Kind of a big deal
‎09-06-2023 09:28 AM
‎09-06-2023 09:28 AM

I would choose static routes.

It saves you the impact/load of tunnel encryption on the mx, less latency on you sessions, and no mtu reduction

0 Kudos
Subscribe
In response to ww
alemabrahao
Kind of a big deal
Kind of a big deal
‎09-06-2023 09:37 AM
‎09-06-2023 09:37 AM

Yes, I agree, but he also asked for a way without having to create another SVI, in which case SD-WAN "would be" the best way.

0 Kudos
Subscribe
In response to ww
Aztec_Ninja
Getting noticed
‎09-06-2023 10:41 AM
‎09-06-2023 10:41 AM

To confirm the static route would live on the MX configured without the VLAN I need to reach, correct? 

 

Ill give this a shot, thanks again.

0 Kudos
Subscribe
In response to Aztec_Ninja
alemabrahao
Kind of a big deal
Kind of a big deal
‎09-06-2023 10:45 AM
‎09-06-2023 10:45 AM

Yes, but you need to have a common VLAN on each MX with a configured IP, to point the next hop.

Subscribe
In response to alemabrahao
alemabrahao
Kind of a big deal
Kind of a big deal
‎09-06-2023 10:53 AM
‎09-06-2023 10:53 AM

Some thing like this.

alemabrahao_0-1694022774988.png

 

Subscribe
Aztec_Ninja
Getting noticed
‎09-06-2023 11:29 AM
‎09-06-2023 11:29 AM

I configured the common VLAN with a uniquire Gateway IP will save no issues.

 

The issue is now when I add the static Route, I use the subnet of the VLAN and next Hop IP, I get the following message:

 

  • Static lan route subnets cannot be contained by (or be equal to) a VLAN subnet.

Which subnet should I use when adding the static route to MX 2?  MX 2 is where I am adding the common VLAN. In your example I am using the VLAN 999 subnet 172.16.1.0/30 next hop 172.16.1.1

 

On MX1 I just added static route 172.16.1.0/30 next hop 172.16.1.2, this saved without error.

 

0 Kudos
Subscribe
In response to Aztec_Ninja
alemabrahao
Kind of a big deal
Kind of a big deal
‎09-06-2023 11:38 AM
‎09-06-2023 11:38 AM

No, the subnet must be the one you want to access from the peer side.

Like the image I sent, if on the MX1 you want to reach the 100.x.x.x network that is on the Mx2 then your route has to be as follows.

Subnet 100.x.x.x/24 (just an example) next hop 172.16.1.2 (MX2 interface IP).

0 Kudos
Subscribe
In response to alemabrahao
Aztec_Ninja
Getting noticed
‎09-06-2023 12:04 PM
‎09-06-2023 12:04 PM

Ah I now see my mistake.  Static route is working, thank you for the help kind sir!  Virtual pint on me!!

 

 

 

 

0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎09-06-2023 01:34 PM
‎09-06-2023 01:34 PM

The two MXs would need VLANs with unique subnets to make this work.

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2023 Meraki