cancel
Showing results for 
Search instead for 
Did you mean: 

Meraki Support Down?

Just browsing

Meraki Support Down?

Been trying to reach Meraki support by phone for the last few hours. Longest I waited on hold was close to 30 minutes before I gave up.

 

Thanks,

5 REPLIES
Head in the Cloud

Re: Meraki Support Down?

No idea, but can we help?

Just browsing

Re: Meraki Support Down?

Hello, 

 

So here is what I'm trying to do. I client that has multiple branches they want each branch to be able to reach the other directly with out going to a HUB. (Full Mesh)

 

They want the default route of each site to go the WAN link vs going to a hub. 

 

Is this possible. 

 

All are Meraki MX 84 and above. 

 

Thanks, 

Head in the Cloud

Re: Meraki Support Down?

If I understand correctly what you want is split tunnel. You want the internet traffic to go to the local WAN of each MX device. And the traffic in between the subnets of your sites over the VPN.

 

Yes this is possible. Seeing as you want mesh, make all your MX's "Hub" and don't add an exit hub.

https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Hub-and-spoke_VPN_Connections_on_th...

 

Keep in mind that with a mesh setup the number of VPN tunnels need goes up really quickly. Make sure your MX's have a high enough number of supported VPN tunnels to handle the number needed. How many branches does your client have, and how many uplinks does each MX use?

 

 

Just browsing

Re: Meraki Support Down?

Thanks for the reply. The client only has 4 - 5 branches so it is not a large deployment. How do you differentiate between a regular hub and exit hub? I have not seen anything in the documentation. 

 

Head in the Cloud

Re: Meraki Support Down?

Okay 4-5 branches should be okay on an MX84 full mesh setup (even with 2 WAN-uplinks).

 

An exit hub means that all traffic that would normally go to the default route will in fact be sent to that exit hub instead. Effectively this concentrates all your traffic to a single break-out point. In your case I think this is exactly what you don't want. You want traffic destined for the internal subnets to be transferred over the VPN but other traffic destined for the internet to break out locally.