So here is what I'm trying to do. I have a client that has multiple branches. They want each branch to be able to reach the other directly without going to a HUB. (Full Mesh)
They want the default route of each site to go to the WAN link vs. going to a hub.
Is this possible?
All are Meraki MX 84 and above.
If I understand correctly, what you want is split tunnel. You want the internet traffic to go to the local WAN of each MX device, and the traffic between the subnets of your sites to go over the VPN.
Yes, this is possible. Seeing as you want mesh, make all your MXs "Hub" and don't add an exit hub.
Keep in mind that with a mesh setup the number of VPN tunnels needed goes up really quickly. Make sure your MXs have a high enough number of supported VPN tunnels to handle the number needed. How many branches does your client have, and how many uplinks does each MX use?
Thanks for the reply. The client only has 4 - 5 branches so it is not a large deployment. How do you differentiate between a regular hub and exit hub? I have not seen anything in the documentation.
Okay, 4-5 branches should be okay on an MX84 full mesh setup (even with 2 WAN uplinks).
An exit hub means that all traffic that would normally go to the default route will in fact be sent to that exit hub instead. Effectively this concentrates all your traffic to a single break-out point. In your case I think this is exactly what you don't want. You want traffic destined for the internal subnets to be transferred over the VPN but other traffic destined for the internet to break out locally.