just an update. I've done my upgrade and thought I'll share my step-by-steps, hopefully it might help someone else.
Upgrade step by step
- Delete the Managed Application in the vMX resource group in Azure
- This will delete both resource groups created when creating the vMX
- Delete vMX100 in Meraki Dashboard
- Once applicant is removed, you will see the “Add vMX-S/M depending on the license you have
- Rename network in Meraki Dashboard to match new vMX (optional step)
- Redeploy vMX-S/M in Meraki Dashboard (into same network)
- Confirm firmware is running MX 15.37+
- Generate Authentication Token (must be used within one hour of generating it)
- Take Authentication Token and create new vMX-S/M instance in Azure using the following:
- New resource group
- New VM name
- New Application Name
- New Managed Resource Group
- Existing virtual network – same one the old vMX100 was using
- Existing subnet – same one the old vMX100 was using
- After new vMX is deployed
- The new vMX should have a new public IP address but the same private IP address
- Check route table – make sure it is associated with the correct subnet
- It should be in the same subnet as before
- Check routes – make sure all routes have the same private Ips as next hop
- Check NSGs
- Make sure it is associated with the correct subnet
- make sure correct private IP addresses is in the appropriate NSGs
- Re-enable S2S Tunnel
- Check to make sure it is a hub
- Check to make sure all the local networks in the VPN settings
- Check each of the participating networks to make sure that they have the right hub for site-to-site VPN
References: