@BWestlake wrote:
Say you have a MS120-8 acting as a L3 switch and have a /29 allocated by ISP;
Nope. It's L2 only.
Sorry, I should have read more... You don't need it to be L3... You only need an L2 switch out there.
In my experience Meraki switches do not make great WAN breakout switches due to their persistent nature in trying to talk to the cloud at all costs. You're better off to get another inexpensive switch for this purpose.
As for your IP's, you don't have enough IP's to do it the way you're asking. If you want to do that you need more IP's. Plain and simple.
Your other options could be to put site 2 behind the MX's of site one, and make it part of your LAN instead of your WAN. You might want to use the No-NAT feature in version 15 of the MX at that site in this scenario.
Other than that... Get more IP's? 🙂
@BrandonS wrote:I am working on the same setup right now and support advised me to make sure the MS120 you are using as a "breakout" switch between the provider side and the MX is assigned an internal IP statically to ensure it does NOT get a public IP. You don't really want or need your MS120 having a public IP for any reason.
Yeh, this has caused me grief in the past. The problem with making sure the MS doesn't get an IP is that if it loses connectivity it will start to DHCP for an address on every port, and on any and every VLAN it can find. If your provider assigns addresses via DHCP, or if you have a limited amount of dynamic IP's available, there's a good chance the MS will grab one and use it to talk to the cloud.
