Meraki MX400 NAT Question
-
@Markferron said in Meraki MX400 NAT Question:
@Mike-Davis Thanks Mike! I talked to Meraki support yesterday and that's exactly what the tech told me. I was just surprised that it was the basically the only solution.
Behind the scenes, those settings are just creating Source NAT (SNAT) and Destination NAT (DNAT) rules for each subnet.
That is simply how NAT works. I can show you how to do the same thing on an EdgeRouter.
You always assign the ISP IP block to your WAN and then use SNAT/DNAT to tell things where to go internally.
-
@JaredBusch said in Meraki MX400 NAT Question:
@Markferron said in Meraki MX400 NAT Question:
@Mike-Davis Thanks Mike! I talked to Meraki support yesterday and that's exactly what the tech told me. I was just surprised that it was the basically the only solution.
Behind the scenes, those settings are just creating Source NAT (SNAT) and Destination NAT (DNAT) rules for each subnet.
That is simply how NAT works. I can show you how to do the same thing on an EdgeRouter.
You always assign the ISP IP block to your WAN and then use SNAT/DNAT to tell things where to go internally.
Sadly, they're stuck with the Meraki for the time being.
-
@dafyre said in Meraki MX400 NAT Question:
Sadly, they're stuck with the Meraki for the time being.
What makes them stuck?
-
@dafyre said in Meraki MX400 NAT Question:
@JaredBusch said in Meraki MX400 NAT Question:
@Markferron said in Meraki MX400 NAT Question:
@Mike-Davis Thanks Mike! I talked to Meraki support yesterday and that's exactly what the tech told me. I was just surprised that it was the basically the only solution.
Behind the scenes, those settings are just creating Source NAT (SNAT) and Destination NAT (DNAT) rules for each subnet.
That is simply how NAT works. I can show you how to do the same thing on an EdgeRouter.
You always assign the ISP IP block to your WAN and then use SNAT/DNAT to tell things where to go internally.
Sadly, they're stuck with the Meraki for the time being.
Man, for the price of a license refresh you could get an even more powerful router from another vendor.
-
@coliver said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
@JaredBusch said in Meraki MX400 NAT Question:
@Markferron said in Meraki MX400 NAT Question:
@Mike-Davis Thanks Mike! I talked to Meraki support yesterday and that's exactly what the tech told me. I was just surprised that it was the basically the only solution.
Behind the scenes, those settings are just creating Source NAT (SNAT) and Destination NAT (DNAT) rules for each subnet.
That is simply how NAT works. I can show you how to do the same thing on an EdgeRouter.
You always assign the ISP IP block to your WAN and then use SNAT/DNAT to tell things where to go internally.
Sadly, they're stuck with the Meraki for the time being.
Man, for the price of a license refresh you could get an even more powerful router from another vendor.
A better one
-
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
-
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Even if you're saving them money?
-
@coliver said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Even if you're saving them money?
Can't save something that's already spent.
-
@coliver said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Even if you're saving them money?
Yepp. AFAIK, the license and maintenance were all rolled together. But this was after I left, so I dunno.
-
@Dashrender said in Meraki MX400 NAT Question:
@coliver said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Even if you're saving them money?
Can't save something that's already spent.
But you can save against future costs. For instance a 3-year renewal.
-
@coliver said in Meraki MX400 NAT Question:
@Dashrender said in Meraki MX400 NAT Question:
@coliver said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Even if you're saving them money?
Can't save something that's already spent.
But you can save against future costs. For instance a 3-year renewal.
Sure, but that's years from now...
-
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Why? If you are saving them money, what would make them unhappy?
-
@Dashrender said in Meraki MX400 NAT Question:
@coliver said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Even if you're saving them money?
Can't save something that's already spent.
But what's already spent?
-
@dafyre said in Meraki MX400 NAT Question:
@coliver said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Even if you're saving them money?
Yepp. AFAIK, the license and maintenance were all rolled together. But this was after I left, so I dunno.
Ah, well two things...
- Is it STILL saving them money? Check it out.
- It should make them unhappy with whoever selected the Meraki, not you.
-
@Dashrender said in Meraki MX400 NAT Question:
@coliver said in Meraki MX400 NAT Question:
@Dashrender said in Meraki MX400 NAT Question:
@coliver said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Even if you're saving them money?
Can't save something that's already spent.
But you can save against future costs. For instance a 3-year renewal.
Sure, but that's years from now...
In the meantime, saving against additional technical debt risks and unnecessary effort.
-
The MX400 is sunk cost. At that point, that money is gone, it's not part of the equation. Now today, the question is, going forward, does messing with the MX400, keeping it around and potentially investing more into it or needing to work around limitations justify not spending $300 on a replacement system?
-
@scottalanmiller said in Meraki MX400 NAT Question:
@Dashrender said in Meraki MX400 NAT Question:
@coliver said in Meraki MX400 NAT Question:
@Dashrender said in Meraki MX400 NAT Question:
@coliver said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Even if you're saving them money?
Can't save something that's already spent.
But you can save against future costs. For instance a 3-year renewal.
Sure, but that's years from now...
In the meantime, saving against additional technical debt risks and unnecessary effort.
This is always this.
-
@scottalanmiller said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
@coliver said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Even if you're saving them money?
Yepp. AFAIK, the license and maintenance were all rolled together. But this was after I left, so I dunno.
Ah, well two things...
- Is it STILL saving them money? Check it out.
- It should make them unhappy with whoever selected the Meraki, not you.
The team that is there now are the ones that have to convince the bean counters of the need to change. The Meraki APs that they have there are working out rather nicely though.
-
@dafyre said in Meraki MX400 NAT Question:
The team that is there now are the ones that have to convince the bean counters of the need to change. The Meraki APs that they have there are working out rather nicely though.
What defines "rather nicely"? Sounds like technical issues and high cost. Not sounding good to me
-
@dafyre said in Meraki MX400 NAT Question:
@scottalanmiller said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
@coliver said in Meraki MX400 NAT Question:
@dafyre said in Meraki MX400 NAT Question:
Gotta convince the bean counters, and they'll be unhappy for the next 2 to 3 years, lol.
Even if you're saving them money?
Yepp. AFAIK, the license and maintenance were all rolled together. But this was after I left, so I dunno.
Ah, well two things...
- Is it STILL saving them money? Check it out.
- It should make them unhappy with whoever selected the Meraki, not you.
The team that is there now are the ones that have to convince the bean counters of the need to change. The Meraki APs that they have there are working out rather nicely though.
I do like the Meraki APs... but you can rip and replace all of them for less then the cost of the maintenance and still get exactly the same functionality.
