Meraki

Community

Am I right? Auto VPN Hub routing

Blink
Comes here often
‎Mar 27 2025 2:43 AM
‎Mar 27 2025 2:43 AM

Am I right? Auto VPN Hub routing

We have Auto VPN with only one hub enabled and multiple spokes. Am I right in thinking that adding a second hub will, by default, become a failover for that hub without any extra config?

 

Please see diagram as to how I think it works. I assume that hub 2 install routes to all spokes but with a lesser route priority/higher cost?

 

Blink_0-1743068504254.png

Primary aim is to provide resilience to Hub 1 site.

0 Kudos
3 Replies 3
GreenMan
Meraki Alumni (Retired)
Meraki Alumni (Retired)
‎Mar 27 2025 4:15 AM
‎Mar 27 2025 4:15 AM

No - you would need to configure your spokes with the extra Hub.   The order in which you specify the Hubs (which one's nearer the top of the list) will determine, for each Spoke, which path is taken.    Note that, by default, you wouldn't need to configure, to advertise the route via the Hubs - spoke-to-spoke routing is enabled by default.

https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-Site_VPN_Settings#Configuring_Multiple_...

alemabrahao
Kind of a big deal
Kind of a big deal
‎Mar 27 2025 4:29 AM
‎Mar 27 2025 4:29 AM

As informed, you need to add the second HUB in the Site to Site VPN settings.

 

alemabrahao_0-1743074980054.png

 

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Blink
Comes here often
‎Mar 27 2025 4:32 AM
‎Mar 27 2025 4:32 AM

OK That makes sense, add second hub to all spokes... and this defines the failover topology... thanks all

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.