How to upgrade vmx100 to vmx-m and / or can we deploy in parallel new vmx-m without interupting current production vmx100

Question

How to upgrade vmx100 to vmx-m and / or can we deploy in parallel new vmx-m without interupting current production vmx100

Jeetu Sharma 6

Meraki requested to upgrade vmx100 to vmx-m because vmx-100 is reaching end of life.

question - On Azure ,

How to upgrade vmx100 to vmx-m
Can we backup current vmx100 and restore into new vmx-m?
and / or can we deploy in parallel new vmx-m without interupting current production vmx100 ?

Thank you
Jeetu

Sing Kit Cheng 96 Reputation points

2023-03-13T15:58:44.84+00:00

Hello Jeetu,

I am in the same situation now. Did you ever get any answer to your questions? Your questions were in June of 2022, have you upgraded your vmx100 to vmx-m? If so, I would really appreciate it if you can tell me your process, especially on the Azure side of things. You can email me directly if you want, ******@irm.com.

Thank you

Kit

2 answers

Your answer

Sing Kit Cheng 96 Reputation points

2023-03-13T15:58:44.84+00:00

Hello Jeetu,

I am in the same situation now. Did you ever get any answer to your questions? Your questions were in June of 2022, have you upgraded your vmx100 to vmx-m? If so, I would really appreciate it if you can tell me your process, especially on the Azure side of things. You can email me directly if you want, ******@irm.com.

Thank you

Kit

Answer 1

just an update. I've done my upgrade and thought I'll share my step-by-steps, hopefully it might help someone else.

Upgrade step by step

Delete the Managed Application in the vMX resource group in Azure
- This will delete both resource groups created when creating the vMX
Delete vMX100 in Meraki Dashboard
- Once applicant is removed, you will see the “Add vMX-S/M depending on the license you have
Rename network in Meraki Dashboard to match new vMX (optional step)
Redeploy vMX-S/M in Meraki Dashboard (into same network)
Confirm firmware is running MX 15.37+
Generate Authentication Token (must be used within one hour of generating it)
Take Authentication Token and create new vMX-S/M instance in Azure using the following:
- New resource group
- New VM name
- New Application Name
- New Managed Resource Group
- Existing virtual network – same one the old vMX100 was using
- Existing subnet – same one the old vMX100 was using
After new vMX is deployed
- The new vMX should have a new public IP address but the same private IP address
- Check route table – make sure it is associated with the correct subnet
- It should be in the same subnet as before
- Check routes – make sure all routes have the same private Ips as next hop
- Check NSGs
  - Make sure it is associated with the correct subnet
  - make sure correct private IP addresses is in the appropriate NSGs
Re-enable S2S Tunnel
- Check to make sure it is a hub
- Check to make sure all the local networks in the VPN settings
- Check each of the participating networks to make sure that they have the right hub for site-to-site VPN

References:

James Smit 0 Reputation points

2024-12-15T16:14:52.8733333+00:00

Used this documentation, worked well and better than expected.
I did add 2x backup steps in, Fully documented Meraki Network all settings and made Azure backups, just in case

2hour cutover & testing overall with 23x remote site-2-sites.

Answer 2

Bobby Hamersley 0

Hello To the both of you,

I am in the same situation. I was informed by Meraki sales engineer that I will be able to renew my VMX100 license and as we all know that is not the case. I have about 3 weeks to migrate over to the VMX-M or I will run out of time on my license.

Here is some online articles I have found:

https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Amazon_Web_Services_(AWS)

https://documentation.meraki.com/MX/Deployment_Guides/vMX100_to_vMX_S%2F%2FM%2F%2FL_Transition_FAQ

https://documentation.meraki.com/MX/MX_Installation_Guides/vMX_Setup_Guide_for_Amazon_Web_Services_(AWS)

Site to site VPN connection without the VMX at all:

https://ritcsec.wordpress.com/2018/08/12/a-visual-guide-to-setting-up-a-meraki-to-aws-site-to-site-vpn/

https://aws.amazon.com/quickstart/architecture/cisco-meraki-vmx/

https://www.ifm.net.nz/cookbooks/meraki-vpn-to-amazon-aws.html

I am looking for any kind of suggestions.

Bobby Hamersley

Sing Kit Cheng 96 Reputation points

2023-03-14T19:22:21.4066667+00:00
Hello Bobby,

I am in the exact same boat as you are. I've been doing some planning and basically waiting for Meraki to confirm my step by step procedure. Without going into details, I think they are:

Delete the vMX100 in Azure

Delete the vMX100 in Meraki Dashboard

Deploy new vMX-M in Meraki Dashboard

Generate Authentication Token

Take Authentication Token and create new vMX-M in Azure

My plan is to deploy into new resource group but in same subnet

Once new vMX-M in Azure is deploy and vMX-M in Meraki Dashboard is online, re-enable S2S Tunnel. Of course have to make sure the tunnel is setup the same as the old one

Also have to make sure that the route table and NSGs in Azure is associated to the correct subnet

I have not done our upgrade yet but this is my checklist at this point. I sent it to Meraki asking them to see if it makes sense.

Hope it helped you.

Kit

Share via

How to upgrade vmx100 to vmx-m and / or can we deploy in parallel new vmx-m without interupting current production vmx100

2 answers

Your answer