Meraki MX64 - Static Routing

Solved
sbru
Here to help

Meraki MX64 - Static Routing

Hi

I am new to Meraki equipment and this forum, I am also not exactly an experienced network administrator but I have worked on routers and switches before, we replaced a Mikrotik Cloud Core router with this new MX64 for VPN reasons

 

So the issue we are having is to add a new subnet to the MX64, our main DHCP subnet is 192168.2.0/24 and we have devices with static 192.168.5.xxx IPS as well, before on the Mikrotik it was simple to just add another subnet to a port or ports and all was good, no VLAN, etc was needed 

How do I do this on the MX64 ?

Thanks a bunch in advance for any help!

 

1 Accepted Solution
Greenberet
Head in the Cloud

Hello,

 

you have to create a vlan for that.

After the VLAN creation you can assign one or more ports to that vlan.

View solution in original post

10 Replies 10
Greenberet
Head in the Cloud

Hello,

 

you have to create a vlan for that.

After the VLAN creation you can assign one or more ports to that vlan.

sbru
Here to help

Thanks for the reply

I should have mentioned that DHCP for 2.xxx is handled by our server and on the MX64 there is no DHCP at all

 

So I activated VLAN and added the new VLAN ID 10 as subnet 192.168.5.0/24 and MX IP as 192.168.5.1, I made sure both my default VLAN 1 and the new ID 10 are both allowed on all ports, I have no luck to ping a 5.xxx client from a 2.xxx client, what am I missing ?

By the way I have no static route added anymore, do I still need to add one ?

sbru_0-1593191924953.png

 

ww
Kind of a big deal
Kind of a big deal

Where  are the clients  connected and what vlan is on the access port and on the trunk port connected to the mx? 

What ip and gateway  has client 1 and ips1 ?

sbru
Here to help

Please excuse my ignorance, but I am willing to learn

We have 2 other switches where the clients are all connected too, none of those switches have a VLAN setup, port 1 on the MX goes to one of the switches and from that switch, it goes to the next, some of those switch ports go to antennas which go to remote locations, 7 to be exact so there are more switches downstream

On the 5.xxx clients, we have for example 192.168.5.100 netmask 255.255.255.0 and gateway 192.168.5.1

 

I assume I am missing something major here, we had it working by making a static route to the old Mikrotik router which we reset and gave one port a 2.xxx IP and set a 5.xxx subnet on another port and plugged that back into one of the switches, but this just doesn't seem right and we had issues with VoIP equipment on 5.xxx 

 

 

 

ww
Kind of a big deal
Kind of a big deal

It looks like your mikrotik  supports  more then 1 IP on the interface/default vlan.  

Meraki only support 1 IP/subnet for each vlan interface. So you need to (re)design your network  based on vlans

sbru
Here to help

ww,

That's what I was afraid I would hear, VLANs are the only option.

 

That does bring me to another question, as mentioned we got this new MX64 router only because of a VPN issue between the Mikrotik site to site VPN to another MX64 router at another location, I keep seeing the passthrough or VPN concentrator option on the MX, I have read a bit on this but fail to fully comprehend what I can do with that

Could I have kept the Mikrotik router in place and disabled the IPSec VPN and just added the MX and use it only for VPN ?

If so could someone explain how I would connect this to our current router/network to accomplish this?

Thanks so much for any help!

 

Uberseehandel
Kind of a big deal

We have the WAN port on the MX uplinking to a different brand gateway's LAN port, using a unique LAN subnet, not a VLAN. The other gateway is connected to the internet using PPPoE via a Vigor 130 modem in bridge mode (for IPTV reasons).

 

The other gateway is configured as a DHCP server and the MX receives its IP from the DHCP server. I have successfully tested running a VPN from a Z3C using LTE to the MX.

 

We have not needed to address the Double NAT issue, which simplifies configuration of the upstream gateway.

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
sbru
Here to help

Thanks for the feedback

We are going to try it in VPN concentrator mode see if we have any luck

 

If I need more help with this I will start another discussion 

 

Uberseehandel
Kind of a big deal

If numerous VLANs are used, I have found it simpler if there is a direct correlation between the VLAN ID and the IP address. For example

 

VLANVLAN ID
192.168.11.0/2411
192.168.111.0/24111
192.168.121.0/24121

 

 

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
sbru
Here to help

That sounds like sound advice, thanks

At this point it looks like I will need to redo my network 

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels