Meraki MS220-8P in offline network

Solved
Tomek
New here

Meraki MS220-8P in offline network

Hello,

 

I would like to use  Meraki MS220-8P switch in a LAN that has no access to the internet.

Is it anyhow possible?  What kind of features will be available offline, if any ?

 

Thanks!

1 Accepted Solution
BrechtSchamp
Kind of a big deal

Meraki really isn't the right choice for this use case. The switch may just do regular switching if it's never been connected to the internet but I'm not sure. After all it won't be able to check whether it's actually licensed to be used.

View solution in original post

9 Replies 9
Julian
Getting noticed

Hi, if you configure all desired configuration with internet when you put the switch offline is going to continue working. And you can reconfigure it the basic things from the local status page (https://documentation.meraki.com/zGeneral_Administration/Tools_and_Troubleshooting/Using_the_Cisco_M...). 

 

you need to take care about the configuration is saved to avoid restarts:

 

https://documentation.meraki.com/zGeneral_Administration/Cross-Platform_Content/Behavior_during_Conn...

MS
If the configuration is safe
  MS will never reboot
If the configuration is not safe
   MS will try to obtain an IP address on an alternate VLAN and then connect to the cloud through that alternate connection
   MS will revert to previous safe configuration 2 hours after lost connectivity
   After reverting to a safe configuration, the former configuration will be marked bad

 

 

 

 

Tomek
New here

Thanks for you reply. 

 

So the initial cloud connection is required before doing the local configuration?

 

I consider scenario in which Internet access won't be possible at all do to security reasons.

Would it still be possible to perform local config of factory default MS220-8P?

Simple L2 switching, with no fancy features.

 

 

 

BrechtSchamp
Kind of a big deal

Meraki really isn't the right choice for this use case. The switch may just do regular switching if it's never been connected to the internet but I'm not sure. After all it won't be able to check whether it's actually licensed to be used.

Tomek
New here

That makes sense. I'll go with cisco 2960 then.

BrechtSchamp
Kind of a big deal

Have a look at the Catalyst 9200L (fixed uplink) or 9200 (modular uplink). They're the newer generation.

Asavoy
Building a reputation

@BrechtSchamp - A Catalyst 9200L is way more switch than needed for an offline scenario, not to mention cost prohibitive and 24port is the smallest (I believe).

 

@Tomek I would recommend a SG300-10MP or SG350-10MP switch if you need a managed swtich with some POE ports. Newer and much better than a 2960!

BlakeRichardson
Kind of a big deal
Kind of a big deal

@Tomek  Cisco SG300 and 350 switches support both L2 and L3, there is a setting you can change that simply requires a reboot to switch between the two options. 

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
BrechtSchamp
Kind of a big deal


@Asavoy wrote:

@BrechtSchamp - A Catalyst 9200L is way more switch than needed for an offline scenario, not to mention cost prohibitive and 24port is the smallest (I believe).

 

@Tomek I would recommend a SG300-10MP or SG350-10MP switch if you need a managed swtich with some POE ports. Newer and much better than a 2960!


Good point, I had disregarded the 8-port part. I was thinking of the regular 2960X.

Brons2
Building a reputation

The 8 port 2960s are end of support.  If the requirement for being offline is for security, I can't imagine that throwing a switch into the mix that may have software vulnerabilities is a good idea.  Malware can move laterally from an Internet connected device into non-connected networks.  I'd look for something that is a current sale Cisco switch like SG200.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels