reference deployment

Cisco Meraki Virtual MX with AWS Transit Gateway

Secure SD-WAN traffic between branch offices and resources on the AWS Cloud

This Quick Start deploys Cisco Meraki Virtual MX (vMX) on the Amazon Web Services (AWS) Cloud. It helps organizations connect software-defined wide area networks (SD-WANs) to applications running on AWS.

Meraki vMX is a virtualized security and SD-WAN network appliance. This Quick Start deploys vMX as a node to extend the common policy, segmentation, and security of SD-WAN environments at scale. The deployment includes an active-active pair of redundant vMX appliances in a highly available configuration. Each vMX is configured as an SD-WAN and Auto VPN (virtual private network) node. With AWS Transit Gateway as a cloud router, connectivity can be scaled across virtual private clouds (VPCs) with workloads in multiple AWS Regions. You can configure, monitor, and maintain all of your Meraki devices from a single Meraki dashboard.


This Quick Start was developed by Cisco Systems Inc. in collaboration with AWS. Cisco Systems Inc. is an AWS Partner.

  • What you'll build

    This Quick Start sets up the following:

    • A highly available architecture that spans two Availability Zones.*
    • A VPC configured with public and private subnets, according to AWS best practices, to provide you with your own virtual network on AWS.*
    • An internet gateway that connects the VPC to the internet.
    • A VPC route table associated with the public subnets to specify routing rules for outbound internet traffic.
    • In the public subnets, Meraki vMX appliances on Amazon Elastic Compute Cloud (Amazon EC2) instances.
    • In the private subnets, elastic network interfaces to enable traffic routing from all subnets in the Availability Zone to AWS Transit Gateway.
    • AWS Transit Gateway attached to the VPC, enabling connectivity to attached workload VPCs in other Regions.
    • A transit gateway route table associated with the VPC for routing rules to AWS Transit Gateway.
    • Amazon CloudWatch to collect logs of vMX instance performance.
    • AWS Lambda to monitor the state of the vMX instances. If an instance fails, AWS Lambda updates route tables to point to a healthy instance and logs the event in CloudWatch.
    • AWS Secrets Manager to store a Meraki API key. AWS Lambda uses the API key to access the Meraki dashboard when updating route tables.

    *  The template that deploys the Quick Start into an existing VPC skips the components marked by asterisks and prompts you for your existing VPC configuration.

  • How to deploy

    To deploy Cisco Meraki Virtual MX, follow the instructions in the deployment guide. The deployment process takes about 15 minutes and includes these steps:

    1. Sign in to your AWS account. If you don't have an account, sign up at https://aws.amazon.com.
    2. Launch the Quick Start. Before you create the stack, choose the AWS Region from the top toolbar. Choose from the following options:
    3. Test the deployment. 

    Amazon may share user-deployment information with the AWS Partner that collaborated with AWS on this solution.  

  • Cost and licenses

    This Quick Start requires a subscription to the Amazon Machine Image (AMI) for Cisco Meraki vMX, available on AWS Marketplace. It also requires two Cisco Meraki vMX licenses, available from a Cisco Meraki reseller. Additional pricing, terms, and conditions may apply.

    You are responsible for the cost of the AWS services and any third-party licenses used while running this Quick Start reference deployment. There is no additional cost for using the Quick Start.

    The AWS CloudFormation templates for this Quick Start include configuration parameters that you can customize. Some of the settings, such as the instance type, affect the cost of deployment. For cost estimates, see the pricing pages for each AWS service you use. Prices are subject to change.

    Tip: After you deploy the Quick Start, create AWS Cost and Usage Reports to track costs associated with the Quick Start. These reports deliver billing metrics to an Amazon Simple Storage Service (Amazon S3) bucket in your account. They provide cost estimates based on usage throughout each month and aggregate the data at the end of the month. For more information about the report, see What are AWS Cost and Usage Reports?