cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
145
Views
0
Helpful
7
Replies
Highlighted
Beginner

Network connectivity to a partner on Cisco Meraki infrastructure

Hello

Not sure if this the correct community to post in - but could not find a better match.

We recently partnered with a company whose network infrastructure wired/wireless is completely Cisco Meraki managed. Our network infrastructure is traditional IT managed routers, and switches.

We are now faced with a request to open up our switch ports at one of our locations so the users from this partner (on Meraki infrastructure) can have connectivity back to their 'meraki cloud of about 10+ sites. I've done some research on the meraki, but from what i see it is cloud managed - so providing basic layer 2 port on our switch port for that user does'nt seem to cut it. I do not have details into how meraki works without a support login. But, am quite familiar on the cisco side and our lan connectivity uses 802.1x authentication with traditional wired/wireless connectivity.

As meraki is now with cisco - wondering if anyone here has any experience on the same. Or any pointers to such an integration

thanks in advance

aram

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted

The answer would really depend on several things like:

1) Type of Cisco switches that you have

2) Type of Meraki gear that you are trying to integrate with

3) What is your current network layout

4) Do you have overlapping IPs and VLANs between the two networks

5) Do you need segmentation, Firewalling, etc between the two networks

Overall, you should be able to connect the two networks just fine. Meraki has both L2 and L3 devices. The L2 devices do support certain flavors of spanning-tree so that will be a consideration there. 

If possible, and if both networks support it, then I would suggest doing a L3 connection between the two. That way you won't be extending the L2 diameter of your network and can protect yourself from some nasty spanning-tree related issue. 

If you have some overlapping IPs then you can even consider placing a Firewall in between and perform some NAT and routing. 

With regards to 802.1x and ISE. At the moment, Meraki's capabilities on the switch side are limited. For more info check out the following guide that was recently updated:

http://www.cisco.com/c/dam/en/us/td/docs/security/ise/how_to/HowTo-86-Integrating_Meraki_Networks.pdf

Thank you for rating helpful posts!

View solution in original post

7 REPLIES 7
Highlighted
Cisco Employee

Hello Aram-

Yes, the Meraki hardware is all managed via a cloud controller. Thus, admins and Meraki devices will need to have access to the internet. You can also configure the access to be limited to only the IP addresses of the Cloud Controllers but that is not ideal as those IPs might change. 

I hope this helps!

Thank you for rating helpful posts!

Highlighted

Thanks much. Appreciate the response

I get it that the Meraki is cloud managed. But, wondering given this scenario - if we can provide switch port layer 2 or 3 connectivity to the partner Meraki network from our traditional internal IT managed network.

basically, they want to use our cabling, patch panels and switch ports to connect to the meraki network :-)

-aram

Highlighted

Can you confirm which one is your concern:

1. Giving users access on your network so they can access Meraki's management console?

Or

2. Providing connectivity L2/L3 from your network to the Meraki network?

Thank you for rating helpful posts!

Highlighted

#2 - how to provide l2/l3 connectivity from our network to the meraki network.

thanks

Highlighted

The answer would really depend on several things like:

1) Type of Cisco switches that you have

2) Type of Meraki gear that you are trying to integrate with

3) What is your current network layout

4) Do you have overlapping IPs and VLANs between the two networks

5) Do you need segmentation, Firewalling, etc between the two networks

Overall, you should be able to connect the two networks just fine. Meraki has both L2 and L3 devices. The L2 devices do support certain flavors of spanning-tree so that will be a consideration there. 

If possible, and if both networks support it, then I would suggest doing a L3 connection between the two. That way you won't be extending the L2 diameter of your network and can protect yourself from some nasty spanning-tree related issue. 

If you have some overlapping IPs then you can even consider placing a Firewall in between and perform some NAT and routing. 

With regards to 802.1x and ISE. At the moment, Meraki's capabilities on the switch side are limited. For more info check out the following guide that was recently updated:

http://www.cisco.com/c/dam/en/us/td/docs/security/ise/how_to/HowTo-86-Integrating_Meraki_Networks.pdf

Thank you for rating helpful posts!

View solution in original post

Highlighted

Thanks.. the howto doc and corresponding response you sent in is quite useful. appreciate that

Highlighted

You are welcome! Glad I could help :)

Best reagards, 

Neno