<\/strong>Connecting the Meraki MX to the Internet (Part 2)<\/strong><\/a><\/p>\n\n\n\n
In Option 6 and 8 of Part 2, I use a link between the two WAN switches:<\/p>\n\n\n
![\"\"](\"https:\/\/cyber-fi.net\/wp-content\/uploads\/2024\/02\/5-Dual-MX-2-ISP-2-1024x374.jpg\")
<\/figure>\n<\/div>\n\n\nOne question could be if this link is really needed. And as always, the answer is \u201eit depends\u201c.<\/p>\n\n\n\n
For me, there are typically two reasons to use the setup with the cross-link:<\/p>\n\n\n\n
Limited ports on the Firewall<\/h3>\n\n\n\n
To be able to manage both switches, they need to be reachable from the active firewall. With the cross-link, we have the direct link from the active firewall to switch one, and reach switch two via the cross-link between switch one and switch two.<\/p>\n\n\n\n
Without the cross-link, we need two links from both firewalls to both switches:<\/p>\n\n\n
![\"\"](\"https:\/\/cyber-fi.net\/wp-content\/uploads\/2025\/11\/WAN-Switches.jpg\")
<\/figure>\n<\/div>\n\n\nAnd if we have devices with a small number of interfaces like the MX64 or the MX67, we are \u201ewasting\u201c two interfaces instead of using only one per firewall.<\/p>\n\n\n\n
Additional devices on the WAN switches<\/h3>\n\n\n\n
Because of the limitations of extranet L2L-VPNs on the MX, I often pair a Cisco Secure Firewall with the MX. Depending on the setup, I sometimes prefer to have both (or more) ISPs on a single interface using subinterfaces instead of having one interface per ISP.<\/p>\n\n\n\n
With this setup, the firewall connected to WAN-switch one needs to be able to reach the ISP router connected to WAN-switch 2. And this is also done through the cross-link:<\/p>\n\n\n
![\"\"](\"https:\/\/cyber-fi.net\/wp-content\/uploads\/2025\/11\/WAN-Switches2.jpg\")
<\/figure>\n<\/div>\n\n\nWould I say that the setup with a cross-link is better than a setup without? No, it\u2019s only different and both can be the right solution based on the environment.<\/p>\n\n\n\n
Always stay connected!<\/p>\n","protected":false},"excerpt":{"rendered":"
This is Part 3 of the \u201eConnecting Meraki MX to \u2026\u201c series. How to connect the Meraki MX to MS switches (Part 1)Connecting the Meraki MX to the Internet (Part 2) In Option 6 and 8 of Part 2, I use a link between the two WAN switches: One question could be if this link <\/p>\n