Skip to main content
Cisco Meraki Documentation

MG IP Passthrough

  1. Last updated
  2. Save as PDF

Overview

We are introducing the option to deploy an MG in IP Passthrough mode to provide connectivity to downstream devices and allow for more deployment options. The throughput and latency benefits of 5G and the wider adoption of IPv6 is expanding everyone’s ability to directly communicate with client devices downstream of a cellular gateway.  IP Passthrough means that the MG will not perform NAT or PAT on traffic traversing through the MG.

Requirements

Supported models

MG51, MG51E, MG41 and MG41E

Firmware version

MG 3.0+

Functionality

The design and implementation of MG IP Passthrough has some similarities to how an MX’s passthrough configuration functions, see more details below:

  • The MG provides transparent connectivity to the cellular network for 1 downstream device

    • There is only 1 IP address that is handed out via DHCP

  • The MG will use the same IP address from the provider or Network IP 

  • All traffic to/from the LAN client will not undergo NAT or PAT translation and as such flow between the client and the cellular network more directly. This also means that we would not expect to see any client or throughput tracking under Network-wide > Clients.

Configuring

You can select the MG deployment mode by going to Cellular gateways > Settings then selecting Passthrough mode.

Addressing and VLANs Dashboard page showing Passthrough mode option set

Routed mode is the default operating mode for MG

MG communication

The MG will source its traffic through the same IP address as the LAN client before being sent out of the cellular interface. While the MG is operating in IP Passthrough mode, the MG will do the following:

  • Labeled LAN port 1 will be disabled

  • Will use labeled port 2 to pass traffic to the LAN client. 

  • Allows access to the MG’s local status page through URLs such as mg.meraki.com and the MG IP Address. 

  • Will not have an option to configure a DHCP pool since the MG will not be performing NAT

  • May cause a few minutes of downtime if the cellular connection experiences a  disconnection and reconnection event for the LAN client while the device waits to renew its IP address between the MG and the LAN client.

DHCP Renews happen at 50% and 87.5% of lease time. If downstream equipment does not come online after the MG is configured in passthrough mode, then consider rebooting the MG or bouncing the port upstream of the equipment that is not coming online.


If a longer lease time is in use, this can be avoided by proactively decreasing the lease time and allowing the original lease time to pass.

If an MG operating in IP Passthrough mode is moved into WAN safe mode the MG will then be placed into NAT mode. Please keep in mind the MG will perform a soft reset when moving into WAN safe mode, which can cause traffic disruptions.

There is also an API endpoint that will be introduced to enable and disable IP Passthrough! This endpoint is /v1/networks/{networkId}/cellularGateway/subnetPool.

The MG running 3.0+ in passthrough mode will not track any client information on the DHCP tab.

Downgrading MG Firmware Before MG 3.0 with IP Passthrough Enabled

We will automatically set the network’s Deployment mode configuration to be Routed and the MG will use this configuration once it has finished downgrading its firmware.

  1. Back to top
  • Was this article helpful?

Recommended articles

  1. Article type
    Topic
    Stage
    Draft
  2. Tags
    1. MG IP Passthrough