Buy or Renew
Buy or Renew
NEW: Try the Beta AI Summary feature on posts in the Routing and SD-WAN forum. Click to go to the forum.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4953
Views
5
Helpful
9
Replies

MX84 WAN2 setup

RGN
Community Member

‎10-30-2023 08:30 PM

I have an MX84. ISP has provided multiple static public IP addresses.

I have WAN1 connected to the modem/gateway from ISP. All traffic bypasses modem/gateway, into MX85 through WAN1.

Is it possible to configure WAN2 with a second static public IP and have specific clients flow through WAN2?
The goal is the following: 3rd party compliance vendor wants to isolate specific web traffic.

Thanks!

Labels:
0 Helpful
9 Replies 9

MerakiGnome
Meraki Community All-Star
Meraki Community All-Star

‎10-31-2023 02:15 AM

Hi @RGN - this configuration is indeed possible. Under SD-WAN and Traffic Shaping look for flow preferences. Here you can configure your source and destination (including ports) and specify which WAN port to traverse.

Darren OConnor
https://www.linkedin.com/in/darrenoconnor

aleabrahao
Meraki Community All-Star
Meraki Community All-Star

‎10-31-2023 04:02 AM

Refer the documentation.

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferences#Enabling_and_Configuring_WAN_2

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

RGN
Community Member

‎10-31-2023 08:15 AM

Thank you for the info. Using the link provided by @alessandrodematos my layout looks like this:

image.png

I only have path going in and out provided by ISP. Still doable???

0 Helpful

aleabrahao
Meraki Community All-Star
Meraki Community All-Star
In response to RGN

‎10-31-2023 08:21 AM

Yes, but keep in mind that it is the same ISP, if any type of failure occurs you will be left without access anyway. So I don't see any advantage in configuring the second link with the same ISP, it would make much more sense if you had a different ISP.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Helpful

RGN
Community Member
In response to aleabrahao

‎10-31-2023 08:24 AM

For sure, having a second ISP would be the key factor, but limited at the moment. Fiber from ISP, existing equipment from ISP doesn't provide an extra WAN/Internet port from their equipment. Focus is more on isolating web traffic versus having redundancy with two ISP's.

0 Helpful

aleabrahao
Meraki Community All-Star
Meraki Community All-Star
In response to RGN

‎10-31-2023 08:28 AM

I got it, and yes you definitely can try this way.

I am not a Cisco employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Helpful

RGN
Community Member
In response to aleabrahao

‎10-31-2023 08:37 AM

Thank you, will share feedback later on.

0 Helpful

Philip D'Ath
Meraki Community All-Star
Meraki Community All-Star

‎10-31-2023 01:16 PM

>The goal is the following: 3rd party compliance vendor wants to isolate specific web traffic.

Check your compliance requirements - but if you need separation, you might need a separate MX appliance for reporting and auditing purposes.

RGN
Community Member

‎02-13-2024 09:31 PM

Summary on my results:
From ISP into an unmanaged switch.

From the unmanaged switch, one patch cable to WAN1, second patch cable to WAN2 on Meraki.

Each WAN with a static IP provided by ISP.

Designated a specific VLAN for WAN2 by way of traffic flow rules.

Thank you all for the help and advice!

0 Helpful
Customers Also Viewed These Support Documents