Meraki

MerakiLife · ‎Jun 10 2024

Hi All,

We have always had a fail over HSRP/HA MX with a BT leased lien failover circuit 1 in each device and it served us well.

We have now introduced a cheap broadband line for our primary MX100 in WAN 2 and we are looking for all non-corporate and Guest traffic to be pushed out to that as opposed to thottling and having them use our primary leased line.

I was about to do it but realised our Volutneer network is using NAT isolation and the default scope is 10.0.0.0/8 and all teh guests have random 10.x.x.x adresses with the 2nd octet changing.

I was hoping to say guest network 10.10.10.x/24 source go over WAN2 but the issue is (even though it's isolated) that 10.0.0.0/8 actually overlaps our main corporate LAN which is 10.15.x.x (lots of vlans /24).

Is there anyway to change the default Meraki scope of isolation from 10.0.0.0/8 or do we have to use a DHCP server and bridge it and secure with firewall rules?

i.e should I re-do the guest network

alemabrahao · ‎Jun 10 2024

No, you cannot change the scope when using NAT mode.

Just to remember that in NAT mode the client uses the Access Point IP to browse.

My advice is to use bridge mode and create a subnet for your Guest network.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

MerakiLife · ‎Jun 10 2024

Ah ok so I could use the range of AP IP's to route traffic over WAN2 as they have their own subnet. But then again I think it's be neater to use bridge mode with DHCP/Isolation.

Meraki

Community

Guest WiFi and Traffic Shaping flow preference

Guest WiFi and Traffic Shaping flow preference