Network Portability Overview and FAQ
Prerequisite: Organization must have API early release access and the API user needs to be a Full Organization admin on both organizations.
Caveats: As this is an early release and experimental feature, it is best tested with non-critical network.
Overview
Network Portability allows you to move networks between organizations on the same shard. Today, it allows for you to move configuration and nodes but not licensing or administrators. Licensing can be moved using the licensing APIs and is a separate process from moving the network. When dealing specifically with per-device licensing (PDL) model, the license will be removed from the node before the network is transferred.
Currently does not support:
-
Moving between orgs hosted on different shard
-
Moving between subscription organizations
-
Moving Systems Manager (SM) networks
-
Moving templates or networks bound to templates
-
Wireless networks that have ever used billing on any configured SSIDs - this can be verified by determining if Wireless > Configure > Billing payout exists in the network; if this page exists, the network is not eligible for splitting
Use Case
Today, network portability can only be used using our beta API. This API will allow an administrator to move networks between organizations on the same shard. This will allow administrators to re-organize networks as they see fit and allow for a better experience when managing networks across multiple organizations.
To move a network:
POST /organizations/{organizationId}/networks/moves
Body:
{
target: "string" (ID of the organization to which the network is moving)
networkId: "string" (Network ID of the network to move)
}
This will initiate a background operation to move the network. A successful response will contain a URL to retrieve the operation for example polling it's status:
GET /organizations/{organizationId}/networks/moves/{networkMoveId }
FAQ
What is the impact on device operation during/after a Network move?
During the network move process, there is minimal downtime while devices are moved with their corresponding network. This allows the move to take place without any loss of device-specific configuration. Please note there may be a momentary disruption in operation during the network move itself.
Auto VPN is currently only for Meraki security appliances in the same dashboard organization. If Meraki MX appliance acting as an Auto VPN peer is moved to the new organization then it will need to be reconfigured as a third-party VPN peer to maintain its connection to devices in the organization it was moved from. The article Configuring Site-to-site VPN between MX Appliances in Different Organizations can be used for reference to configure third-party VPN tunnel.
There can be unexpected downtime if networks are moved to one organization that networks in the other rely on. For example moving a Meraki MX security appliance network to a new organization while it is configured as a VPN concentrator for a Meraki MR access point network in the original organization. Plan accordingly when moving a network to ensure all dependencies are accounted for.
What isn't copied between the original and new organizations?
The most impactful portion of a network move is that under Meraki security policy, we do not copy information into destination organizations. This move operation does NOT move licenses from one organization into another, but can be used to move devices from the original organization into an already established organization. Licensing would need to be reapplied or validated and in compliance after the move is completed.
In addition, by default, the recorded video in Meraki MV smart camera networks will be lost if they are migrated to a new organization. Note that no historical data will be transferred for the network(s) being moved; this includes event log and changelog entries for a network and the devices it contains.
Can network portability be used to move an organization into a new global region?
No. For regionalization, a new organization would need to be created in the desired global region, as outlined in the article Creating a Dashboard Account and Organization. Note that multiple organizations in the same region can be linked together under a single login by using the same username and password when creating a new organization.