Just putting it out there to see if anyone has configured Meraki Layer 3 switches with a WatchGuard Firewall and if there were any issues.
We are shortly going to swap out some old HP switches with new Meraki switches (MS425s, MS225s).
I'm not expecting any issues, but you never know. Just trying to do due diligence beforehand to minimize the outage, as the whole network will be down while we replace them with the new ones.
We’ve not had any issues with routing from Meraki switches to WatchGuards. With one of our customers they had one at each location. Simple default route on each layer 3 switch to each WatchGuard as they were the dfg to the Internet. Simples.
I’ll just add that we’ve now replaced all those WatchGuards with Meraki MXs 😁
If the firewall policy is tight you might need to add rules to allow the Meraki switches to talk to the cloud. From the Meraki Dashboard you can go to "Help/Firewall Info" to see what firewall rules might need to be added.
Also, BEFORE you deploy the switches, add them to the network in the Meraki dashboard, power them up, and plug them into the network so they can have Internet access, and leave them for 24 hours.
The very first time they can take quite a while to complete their firmware upgrade process. I have seen it again and again where people think something is wrong and power cycle the switches, causing the whole process to start again. It then adds hours to the cutover.
Do the above and you can just plug them in and power them up and they'll be in a state to start taking your config and start working.
Also note, for layer 3 switches doing actual layer 3 routing, the switch management IP addresses (the ones that talk to the cloud) MUST be in the uplink VLAN to your firewall, and must use the firewall as their default gateway. They CANNOT use themselves as the default gateway.
Thanks for the info
I have had them powered on and off for testing purposes on a separate isolated internet connection so I can get them on the cloud.
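The management addressing rule from the reply above (management IPs in the uplink VLAN, the firewall as their default gateway, never the switch itself) can be checked against a planned address sheet before the cutover. This is an added example, not part of the original thread: the subnet, addresses, switch names and dictionary layout are constructed, and the collision and duplicate checks are extra sanity checks beyond what the post states.

```python
import ipaddress

def check_mgmt_plan(uplink_subnet, firewall_ip, switches):
    """Return (switch, problem) tuples; an empty list means the plan passes."""
    net = ipaddress.ip_network(uplink_subnet)
    fw = ipaddress.ip_address(firewall_ip)
    problems = []
    if fw not in net:
        problems.append(("firewall", f"{fw} is not inside uplink subnet {net}"))
    seen = {}  # management IP -> first switch that claimed it
    for sw in switches:
        name = sw["name"]
        mgmt = ipaddress.ip_address(sw["mgmt_ip"])
        gw = ipaddress.ip_address(sw["mgmt_gateway"])
        # Routed (layer 3) interface addresses configured on this switch.
        svis = {ipaddress.ip_address(a) for a in sw.get("svi_ips", [])}
        if mgmt not in net:
            problems.append((name, f"management IP {mgmt} is outside uplink subnet {net}"))
        if gw in svis:
            problems.append((name, f"gateway {gw} is one of the switch's own routed interfaces"))
        elif gw != fw:
            problems.append((name, f"gateway {gw} is not the firewall {fw}"))
        # Extra sanity checks (assumption, not stated in the thread).
        if mgmt == fw or mgmt in svis:
            problems.append((name, f"management IP {mgmt} collides with firewall or a routed interface"))
        if mgmt in seen:
            problems.append((name, f"management IP {mgmt} already planned for {seen[mgmt]}"))
        seen.setdefault(mgmt, name)
    return problems

# Constructed sample plan: uplink VLAN 10.0.99.0/24, firewall at 10.0.99.1.
UPLINK = "10.0.99.0/24"
FIREWALL = "10.0.99.1"
PLAN = [
    {"name": "core-1", "mgmt_ip": "10.0.99.11", "mgmt_gateway": "10.0.99.1",
     "svi_ips": ["10.0.99.2", "10.0.10.1", "10.0.20.1"]},
    # Management placed in a user VLAN and pointed at the switch's own interface.
    {"name": "core-2", "mgmt_ip": "10.0.10.5", "mgmt_gateway": "10.0.10.1",
     "svi_ips": ["10.0.99.3", "10.0.10.1"]},
    # Right VLAN, but the gateway is another switch rather than the firewall.
    {"name": "access-1", "mgmt_ip": "10.0.99.12", "mgmt_gateway": "10.0.99.2"},
]

if __name__ == "__main__":
    for name, problem in check_mgmt_plan(UPLINK, FIREWALL, PLAN):
        print(f"{name}: {problem}")
```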