Meraki

Community

Azure VMX site to site VPN Hubs Resiliency

Solved
workmen
Here to help
Tuesday
Tuesday

Azure VMX site to site VPN Hubs Resiliency

HI All, 

 

Our company has 2 Azure VMX hubs for NALA Region. One of the hubs went down affecting only our Canada sites. My understanding is that it should fail over to the other VMX hub but unfortunately it didn't that is why our site Canada has been down for two hours. I checked with https://downdetector.ca/ and there is indeed a downtime occurred on Azure Canada. Is there any additional configuration needed for it to failover to the other hub?

 

Thanks

Labels:
0 Kudos
1 Accepted Solution
RWelch
Kind of a big deal
Kind of a big deal
Tuesday
Tuesday

Would the HA vMX offer the failover you are seeking? 

 

Deploying Highly Available vMX in Azure 

In order to provide High Availability for vMXs in Azure, Azure functions can be utilized to facilitate automatic failover between a primary and standby vMX. User-defined routes (UDRs) are utilized to override the Azure default system routes by directing traffic to the active vMX in an active-passive pair. If the active vMX fails, the Azure route table changes the next hop to the secondary vMX. 

For deploying vMX Network Virtual Appliances from the Azure marketplace, please reference our vMX Setup Guide for Microsoft Azure.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.

View solution in original post

0 Kudos
2 Replies 2
RWelch
Kind of a big deal
Kind of a big deal
Tuesday
Tuesday

Would the HA vMX offer the failover you are seeking? 

 

Deploying Highly Available vMX in Azure 

In order to provide High Availability for vMXs in Azure, Azure functions can be utilized to facilitate automatic failover between a primary and standby vMX. User-defined routes (UDRs) are utilized to override the Azure default system routes by directing traffic to the active vMX in an active-passive pair. If the active vMX fails, the Azure route table changes the next hop to the secondary vMX. 

For deploying vMX Network Virtual Appliances from the Azure marketplace, please reference our vMX Setup Guide for Microsoft Azure.

If you found this post helpful, please give it Kudos. If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
Wednesday
Wednesday

You need to do what @RWelch said or use the more modern BGP method.

https://documentation.meraki.com/MX/Deployment_Guides/vMX_and_Azure_Route_Server

 

More than likely, there is something wrong with your failover configuration.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
© 2025 Cisco Systems, Inc.