How to upgrade vmx100 to vmx-m and / or can we deploy in parallel new vmx-m without interupting current production vmx100

Jeetu Sharma 6 Reputation points
2022-06-02T05:50:35.797+00:00

Meraki requested to upgrade vmx100 to vmx-m because vmx-100 is reaching end of life.

question - On Azure ,

  1. How to upgrade vmx100 to vmx-m
  2. Can we backup current vmx100 and restore into new vmx-m?
  3. and / or can we deploy in parallel new vmx-m without interupting current production vmx100 ?

Thank you
Jeetu

Community Center | Not monitored
{count} vote

2 answers

Sort by: Most helpful
  1. Sing Kit Cheng 96 Reputation points
    2023-03-28T18:50:18.8466667+00:00

    just an update. I've done my upgrade and thought I'll share my step-by-steps, hopefully it might help someone else.

     
    Upgrade step by step

    • Delete the Managed Application in the vMX resource group in Azure
      • This will delete both resource groups created when creating the vMX
    • Delete vMX100 in Meraki Dashboard
      • Once applicant is removed, you will see the “Add vMX-S/M depending on the license you have
    • Rename network in Meraki Dashboard to match new vMX (optional step)
    • Redeploy vMX-S/M in Meraki Dashboard (into same network)
    • Confirm firmware is running MX 15.37+
    • Generate Authentication Token (must be used within one hour of generating it)
    • Take Authentication Token and create new vMX-S/M instance in Azure using the following:
      • New resource group
      • New VM name
      • New Application Name
      • New Managed Resource Group
      • Existing virtual network – same one the old vMX100 was using
      • Existing subnet – same one the old vMX100 was using
    • After new vMX is deployed
      • The new vMX should have a new public IP address but the same private IP address
      • Check route table – make sure it is associated with the correct subnet
      • It should be in the same subnet as before
      • Check routes – make sure all routes have the same private Ips as next hop
      • Check NSGs
        • Make sure it is associated with the correct subnet
        • make sure correct private IP addresses is in the appropriate NSGs
    • Re-enable S2S Tunnel
      • Check to make sure it is a hub
      • Check to make sure all the local networks in the VPN settings
      • Check each of the participating networks to make sure that they have the right hub for site-to-site VPN

     
    References:

    1 person found this answer helpful.

  2. Bobby Hamersley 0 Reputation points
    2023-03-14T18:58:25.8833333+00:00

    Hello To the both of you,

    I am in the same situation. I was informed by Meraki sales engineer that I will be able to renew my VMX100 license and as we all know that is not the case. I have about 3 weeks to migrate over to the VMX-M or I will run out of time on my license.

    Here is some online articles I have found:

    https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Amazon_Web_Services_(AWS)

    https://documentation.meraki.com/MX/Deployment_Guides/vMX100_to_vMX_S%2F%2FM%2F%2FL_Transition_FAQ

    https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Amazon_Web_Services_(AWS)

    Site to site VPN connection without the VMX at all:

    https://ritcsec.wordpress.com/2018/08/12/a-visual-guide-to-setting-up-a-meraki-to-aws-site-to-site-vpn/

    https://aws.amazon.com/quickstart/architecture/cisco-meraki-vmx/

    https://www.ifm.net.nz/cookbooks/meraki-vpn-to-amazon-aws.html

    I am looking for any kind of suggestions.

    Bobby Hamersley


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.