I have a new client (private school) that has an unusual requirement for their MX firewall. Their internal network connects directly to a private circuit to a managed data center provider for Internet access. They currently have an MX100; however, it is in pass-through (bridge mode). The provider requires the school to maintain the assigned the RFC1918 address space to the provider and therefore, they are unable to NAT at the firewall. They desperately need network segmentation and a zone-based firewall to isolate traffic between the internal VLANs. For simplicity purposes, I would like the MX100 to do this. I would like to change the Meraki MX firewall from pass-through to routed mode; however, the routed mode requires NAT to the uplink (Internet). I thought I read in one of the Beta release notes that this could be done, although, I cannot find the specific article. Any suggestions?
... View more