cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

152
Views
0
Helpful
11
Replies
Beginner

Meraki MX DHCP capabilities in SSID VPN conentrator mode

Hi is it now possible to configure MX appliances in SSID VPN termination mode to act as a client DHCP server, this was not supported last time I looked. 

 

Thanks

Everyone's tags (1)
11 REPLIES 11
Highlighted
VIP Advisor

Re: Meraki MX DHCP capabilities in SSID VPN conentrator mode

Beginner

Re: Meraki MX DHCP capabilities in SSID VPN concentrator mode

Hi, yes I have seen this guide thanks, but there is no reference to DHCP capabilities. All that is required is for the MX to support DHCP for clients connecting to an SSID which terminates its tunnel on the MX
VIP Mentor

Re: Meraki MX DHCP capabilities in SSID VPN concentrator mode

I'm also not sure if this is what you want:

When tunneling an SSID to an MX, you specify a local MX VLAN to terminate the SSID on. This VLAN is configured for DHCP and the client gets an IP out of that pool.

Beginner

Re: Meraki MX DHCP capabilities in SSID VPN concentrator mode

I think this is saying that the MX receives its IP address via DHCP, the documentation does not refer to the MX been able to run DHCP services to facilitate client addressing
VIP Mentor

Re: Meraki MX DHCP capabilities in SSID VPN concentrator mode

The MX can get its IP in any way: static, DHCP or PPPoE. But for a central device running as a concentrator I would only use an internet-connection with statically assigned IPs.

For the client-addressing: Running a DHCP-server is one of the base features of the MX. Probably that's the reason the above document does not mention it.

Beginner

Re: Meraki MX DHCP capabilities in SSID VPN concentrator mode

Hi thanks for the reply. I was lead to believe the MX in VPN concentrator mode (one arm) was not capable of running client DHCP services. I'm struggling to find anything official in writing
VIP Mentor

Re: Meraki MX DHCP capabilities in SSID VPN concentrator mode

Ok, I think I really did not get your environment. Up to now I only ran the concentrator on devices in NAT-Mode. Although "officially" unsupported it works fine. You are right that in passthrough there is no DHCP-server. But you should be able to provide DHCP-services from the upstream device. Or is exactly this what you want to avoid?

Beginner

Re: Meraki MX DHCP capabilities in SSID VPN concentrator mode

Hi thanks for coming back, all I'm looking for is for the MX to be a DHCP server when used to terminate SSID tunnels, Meraki's validated design says use one-arm pass through mode but does not mention DHCP capabilities

VIP Mentor

Re: Meraki MX DHCP capabilities in SSID VPN concentrator mode

Yes, here you are right that the MX still can not provide DHCP. Is there any reason you don't want to use the upstream device at your MX-location for this task? There has to be a L3 device like a router or a firewall and that device should provide DHCP or at least send the DHCP-requests as a relay to the corporate DHCP server.

Beginner

Re: Meraki MX DHCP capabilities in SSID VPN concentrator mode

The reason for wanting the MX to provide DHCP is simply this is the case for the clients legacy on-prem wireless LAN controller. Effectively the client will need to provision a DHCP server for the Meraki solution as this functionality is not supported...shame really
VIP Mentor

Re: Meraki MX DHCP capabilities in SSID VPN concentrator mode

In this use case I would look into the option to use the MX as the main firewall and use NAT-mode where you also can use DHCP-server.

CreatePlease to create content
Content for Community-Ad

August's Community Spotlight Awards