Community Record
7
Posts
0
Kudos
0
Solutions
Badges
Mar 18 2024
2:03 PM
2.) Yes, we do need internet for this branch, appreciate that clarification. So, I'd need routes to the internet, DNS, DHCP and cameras. 3.) Dang on the firmware! Guess we are going to need to look at new appliances if we want to go this route as well! Thanks again for your help!
... View more
Mar 18 2024
1:41 PM
Appreciate your response! Correct, essentially we will just be providing this branch an internet connection. Also, access to the DHCP server and DNS and camera server. We have internal fiber from our NOC to the distribution switches. This branch doesn't need to even access those sites funny enough. 1.) So, if I'm thinking this through correclty I could connect our MX to our core, give it an internal IP address and let it form the autoVPN with the MX on the branch side? 2.) Since I only need the branch side to be able to access DNS and DHCP services and potentially our camera server, I'd then provide routes on the NOC side MX so the branch can get to that? 3.) Would the MX need to be connected to trunk port wiht a native VLAN tagged or access port with the VLAN I put it in? We have very low bandwidth needs at this branch, so would use the MX65 on that side and the MX84 on the NOC side. I've worked with Meraki for years, but never the MX products, so just want to make sure I'm not overlooking anything before I begin this project. Thanks again for your assistance!
... View more
Mar 18 2024
9:29 AM
Good Morning! I'm sure this question has been asked. But, I did some searching and couldn't find the answer I'm looking for. A high level view of our topology at our datacenter/NOC level is as follows: Firewall | Content Filter | Layer 3 core router | Distribution layer | Access layer We are adding a small branch. We have two option to do this in my understanding. Form a VPN peer with our existing firewall (not a Cisco or Meraki firewall). Or our preferred option is use a MX security appliance in the NOC along with a MX security appliance at the branch. We don't need redundancy or hot spares, so just the one MX on each side of the VPN tunnel. So, I have three questions. 1.) In our topology, it looks to me like the MX on the NOC side would plug into our layer 3 switch in our NOC (or even one of the layer 2 switches) and use an internal IP address. We would just need to make sure it's allowed through the firewall. Is this correct? 2.) I've read conficting options on if I'll need do any routing on the MX appiance in the NOC, but if it's forming a VPN peer with the other MX, I'm not seeing why I would? 3.) Can you mix and match the models of MX appliances that work together? For instance we have an MX84 and a MX65 that we would like to use together :). Apologize if my questions are redundant! Thanks for the assistance!
... View more
Mar 6 2024
10:05 AM
I understand that. I'm asking what do others do in this situation if the switch is only needed to do layer 2. Do they add a static route to just get their layer 3 switch? Do they just enable it and not do any routing? Or does Meraki only intend for switches that are actually layer 3 to be onboarded?
... View more
Mar 6 2024
9:56 AM
Thank you both for the reply. As this switch requires no routing, I just have it point via "IP Default-Gateway" to our layer 3 switch at that location for any inter VLAN routing or to get out the internet. I'd like to get this into the dashboard to be monitored as well though. So, my thought is if I enable IP routing I'll take out the IP default-gateway command and do a static route to send everythign to the layer 3 switch? Thoughts on this? Or what do others do that have a layer 2 switch and want to get it onboarded? Thanks again! -Scott
... View more
Mar 4 2024
10:57 AM
Good Morning, I'm attempting to onboard a Cisco 9200 switch for visibility onto our Meraki cloud. I'm at the pre-check and getting all the way to where it wants IP routing turned on. Problem is this switch is an access switch and only needing to do layer 2. With the management VLAN the only SVI with an IP address on it. So, my question is, do I only need ip-routing turned on during the onboarding process, then in can be turned off? I'd rather not have ip-routing turned on if I don't need to have it turned on. Thanks! -Scott
... View more
Oct 18 2023
1:47 PM
We also don't have it showing up. Is this a dashboard item, or does the switch have to be on a certain firmware possibly? Thanks! -Scott
... View more
