Wireless Access

Reply
Occasional Contributor II
Posts: 137
Registered: ‎10-05-2015

Add switch from customers site

We want to add a cisco meraki switch from our customer.
Adding a universal snmp device, we need t provide an ip , should this be the Public Wan IP from customer office, or the lan ip of switch?
MVP
Posts: 1,357
Registered: ‎11-07-2008

Re: Add switch from customers site

I assume your AMP server is on a different network and you connect to your customer site through their public IP? Do they only have a single public IP? And do you have a VPN connection between your network and theirs? If you have a VPN, you can point to their local IP. If you do not, they will have to enable port forwarding for SNMP and likely PING from their public to their internal Merakit switch IP (this might not be possible, it depends on their setup). If they have multiple public IPs, they can NAT their meraki to one of their publics not in use.

Jerrod Howard
Sr. Techical Marketing Engineer
Occasional Contributor II
Posts: 137
Registered: ‎10-05-2015

Re: Add switch from customers site

Our Airwave is in a datacenter and manages customers IAP clusters. So no we are not connected to their LAN or connected by VPN.

So this customer has one Meraki.

Another customer has 4 switches - we probably have to monitor - using Airwave. So hows that working then, when no vpn is in place, and assume they have mac two wan ip's?
MVP
Posts: 1,357
Registered: ‎11-07-2008

Re: Add switch from customers site

Unless someone else on here has a better idea, if their network is private and yours is private, separated by the internet, you either need a VPN, or they have to do some specific NAT-rules and/or port-forwarding on their side to present to you access to their internal IPs from an external networks/internet. 

Jerrod Howard
Sr. Techical Marketing Engineer
Occasional Contributor II
Posts: 23
Registered: ‎09-02-2015

Re: Add switch from customers site

I would always setup a vpn to each customer with ACL's on it. Never send this management traffic over the Internet. But that's just my two cents
Cheers,
Frank
Life off the wire
MVP
Posts: 1,357
Registered: ‎11-07-2008

Re: Add switch from customers site

1000% agree with MrZero, but if you don't care about security and you use RO SNMP strings and proper firewalls, risk can be minimized. It's just MUCH more work and likely equipment to get a proepr firewall with ACLs at each customer site versus standing up a simple VPN solution.

Jerrod Howard
Sr. Techical Marketing Engineer
Search Airheads
Showing results for 
Search instead for 
Did you mean: