Step by step to upgrade Azure vMX100 to vMX-M

Question

Step by step to upgrade Azure vMX100 to vMX-M

Sing Kit Cheng 96

Hello All,

I need to upgrade my exisiting vmx100 in Azure. Instructions from Meraki just says to delete the exsiting vmx100 and redeploy. We all know it's not that simple. My question is if anyone knows if it's better to redeploy into a new resource group or into the same resource group? If anyone has done this successfully, please let me know, would love to chat.

Thanks

Kit

kobulloc-MSFT 26,811 Reputation points Microsoft Employee Moderator

2023-03-13T18:45:35.78+00:00

Hello, @Sing Kit Cheng !

This is a Cisco image so I'm limited in how much insight I can provide, but it looks like on the Meraki forums people are using the vMX Setup Guide. This is the Azure version:
https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Microsoft_Azure

The Azure portion of this looks relatively well documented and straight forward. You'll use the Cisco Meraki vMX offer, deploy a VM in an availability zone (with a VNET and SD-WAN subnet), then add an Azure route table.
Sing Kit Cheng 96 Reputation points

2023-03-13T19:28:12.1133333+00:00

Hello,

Thank you for your response. Yes, it seem straight forward if it's a brand new deployment. However, this is an upgrade and the first step in the instruction is to delete the vm. No mention of whether the new one should be deployed into the same resource group or a new one. And also what are the differences between deploying the new one into the same resource group vs a new resource group. Will the new vm gets the same IP addresses? you know what I mean, lots of questions. Just wish there's a better documentation of the process.

Thanks

Kit
kobulloc-MSFT 26,811 Reputation points Microsoft Employee Moderator

2023-03-13T20:54:22.7+00:00

Hello, @Sing Kit Cheng !

Those are good questions. It looks like they are creating a new deployment (the resource group is "Cisco-Meraki-vMX") so my assumption is that this would be a new/clean setup. I would try reaching out on the Meraki forums for additional clarification:

https://community.meraki.com/t5/Meraki-Community/ct-p/meraki

Accepted answer

1 additional answer

Your answer

kobulloc-MSFT 26,811 Reputation points Microsoft Employee Moderator

2023-03-13T18:45:35.78+00:00

Hello, @Sing Kit Cheng !

This is a Cisco image so I'm limited in how much insight I can provide, but it looks like on the Meraki forums people are using the vMX Setup Guide. This is the Azure version:
https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Microsoft_Azure

The Azure portion of this looks relatively well documented and straight forward. You'll use the Cisco Meraki vMX offer, deploy a VM in an availability zone (with a VNET and SD-WAN subnet), then add an Azure route table.
Sing Kit Cheng 96 Reputation points

2023-03-13T19:28:12.1133333+00:00

Hello,

Thank you for your response. Yes, it seem straight forward if it's a brand new deployment. However, this is an upgrade and the first step in the instruction is to delete the vm. No mention of whether the new one should be deployed into the same resource group or a new one. And also what are the differences between deploying the new one into the same resource group vs a new resource group. Will the new vm gets the same IP addresses? you know what I mean, lots of questions. Just wish there's a better documentation of the process.

Thanks

Kit
kobulloc-MSFT 26,811 Reputation points Microsoft Employee Moderator

2023-03-13T20:54:22.7+00:00

Hello, @Sing Kit Cheng !

Those are good questions. It looks like they are creating a new deployment (the resource group is "Cisco-Meraki-vMX") so my assumption is that this would be a new/clean setup. I would try reaching out on the Meraki forums for additional clarification:

https://community.meraki.com/t5/Meraki-Community/ct-p/meraki

Answer 1

Hello, @Sing Kit Cheng !

I'm glad that you were able to resolve the issue and thank you so much for posting your solution so that others experiencing the same thing can easily reference this! Since the Microsoft Q&A community has a policy that "The question author cannot accept their own answer. They can only accept answers by others ", I'll repost your solution in case you'd like to "Accept " the answer to increase the visibility.

Issue:

I need to upgrade my existing vmx100 in Azure to vMX-M and am looking for step by step instructions.

Solution:

(Provided by @Sing Kit Cheng )

I hope this will help some one in their process. Below are the steps I took:

Delete the Managed Application in the vMX resource group in Azure

This will delete both resource groups created when creating the vMX

Delete vMX100 in Meraki Dashboard

Once applicant is removed, you will see the “Add vMX-S/M depending on the license you have

Rename network in Meraki Dashboard to match new vMX (optional step)

Redeploy vMX-S/M in Meraki Dashboard (into same network)

Confirm firmware is running MX 15.37+

Generate Authentication Token (must be used within one hour of generating it)

Take Authentication Token and create new vMX-S/M instance in Azure using the following:

New resource group

New VM name

New Application Name

New Managed Resource Group

Existing virtual network – same one the old vMX100 was using

Existing subnet – same one the old vMX100 was using (this will allow the new vMX-M to use the same route table and keep the same private IP address. You will get a different public IP address though)

After new vMX is deployed

The new vMX should have a new public IP address but the same private IP address

Check route table – make sure it is associated with the correct subnet (vMX100SN)

It should be in the same subnet as before

Check routes – make sure all routes have the same private Ips as next hop

Re-enable S2S Tunnel

Check to make sure it is a hub

Check to make sure all the local networks in the VPN settings (see screenshots)

Check each of the participating networks to make sure that they have the right hub for site-to-site VPN

References:

vMX Setup Guide for Microsoft Azure - Cisco Meraki

vMX100 to vMX S/M/L Transition FAQ - Cisco Meraki

Answer 2

I just upgraded my vMX100 to the vMX-M. I wasn't able to find a good step-by-step for this process so I am posting my steps. I hope this will help some one in their process.

Below are the steps I took:

Delete the Managed Application in the vMX resource group in Azure
This will delete both resource groups created when creating the vMX
Delete vMX100 in Meraki Dashboard
- Once applicant is removed, you will see the “Add vMX-S/M depending on the license you have
Rename network in Meraki Dashboard to match new vMX (optional step)
Redeploy vMX-S/M in Meraki Dashboard (into same network)
Confirm firmware is running MX 15.37+
Generate Authentication Token (must be used within one hour of generating it)
Take Authentication Token and create new vMX-S/M instance in Azure using the following:
- New resource group
- New VM name
- New Application Name
- New Managed Resource Group
- Existing virtual network – same one the old vMX100 was using
- Existing subnet – same one the old vMX100 was using (this will allow the new vMX-M to use the same route table and keep the same private IP address. You will get a different public IP address though)
After new vMX is deployed
- The new vMX should have a new public IP address but the same private IP address
- Check route table – make sure it is associated with the correct subnet (vMX100SN)
- It should be in the same subnet as before
- Check routes – make sure all routes have the same private Ips as next hop
Re-enable S2S Tunnel
- Check to make sure it is a hub
- Check to make sure all the local networks in the VPN settings (see screenshots)
- Check each of the participating networks to make sure that they have the right hub for site-to-site VPN

References:

Sullivan, Brandon 5 Reputation points

2023-12-12T19:01:59.89+00:00

Thanks a ton! This cleared up the same questions I had on an upcoming migration.

Share via

Step by step to upgrade Azure vMX100 to vMX-M

1 additional answer

Your answer