Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Router on a stick with Cisco Firepower and Meraki switch

Acepak1
Conversationalist
3 weeks ago
3 weeks ago

Router on a stick with Cisco Firepower and Meraki switch

Hi all,

I have to configure Inter-Vlan routing with Cisco Firepower and Meraki MS L2. It does not matter if we're going to use MX for upstream firewall. In this case, my client's device is cisco firepower. If so, I need to configure sub-interface in Cisco FPR. May I know which topology can work with Meraki.

Acepak1_0-1722564330735.png

 

Labels:
0 Kudos
Subscribe
3 Replies 3
IvanJukic
Meraki Employee
Meraki Employee
3 weeks ago
3 weeks ago

Hi @Acepak1 ,

 


Given the brief, if the Meraki Switch is only Layer 2 and will not perform any routing. Then the default config right out the box should be ok. See below guide for specifics.

 

https://documentation.meraki.com/MS/Deployment_Guides/Advanced_MS_Setup_Guide#Default_configuration

 

Essentially you could use the design on the right for VLAN 1 for Management (switches need IP address) and set the ports to match the VLANs needed for clients, dhcp, etc. just pay attention to;

 

1.) Ensure Ports being used have correct config.

a. Ensure they are Trunked (only to other device ports that need specific vlans) or Access.
b. Confirm Native Vlans match

 

2.) Ensure STP Root is set on the correct switching device. Don't know how many you have. So refer to guide.


So something like on the Meraki Switch.

STP = Managemnt VLAN 1.

STP Priority = 32768

 

VLAN 1 = Management
Vlan 10 = Data (DHCP, etc)
Vlan 20 = Voice


Port 1 -> other switch or AP Port
Trunk
Native VLAN 10
Allow 1,10,20


Port 6 - > to PC or Deskphone
Access
Native 10
Allow 10, 20

 

 

 


Cheers,

Ivan Jukić,
Meraki APJC

If you found this post helpful, please give it kudos. If it solved your problem, click "accept as solution" so that others can benefit from it.
0 Kudos
Subscribe
In response to IvanJukic
Acepak1
Conversationalist
3 weeks ago
3 weeks ago

Thank you for the guidance. There is only one Meraki L2 switch. I have a concern regarding the sub-interface configuration on the Cisco Firepower and its compatibility with the Meraki switch.

 

1>In this case, Physical interface is VLAN1. Do I still need to configure VLAN1 as sub interface or can I still use VLAN1 as a physical interface?

 

2>Will the sub-interfaces on Cisco Firepower for VLAN10, and VLAN20 work correctly with the Meraki MS L2 switch? Specifically, will inter-VLAN routing function properly in this setup?

 

I'm looking forward to hearing from you soon.

 

Thank you for your assistance

0 Kudos
Subscribe
In response to Acepak1
IvanJukic
Meraki Employee
Meraki Employee
2 weeks ago
2 weeks ago

Hey there!

In general, for most capable Layer 2/3 devices. You tag the port with your VLANs, then create virtual interfaces for each VLAN and add the layer 3 IP details; as shown in your examples.


However, I am not certain about FirePower configurations. It's best to refer to the configuration guides or reach out to their support team for assistance.


The Meraki Switch shouldn't be a problem as long as the port configurations are correct.


Cheers,

Ivan Jukić,
Meraki APJC

If you found this post helpful, please give it kudos. If it solved your problem, click "accept as solution" so that others can benefit from it.
0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.