Auto-VPN over 4G - no static IP

Johno_H
New here


 

Does anyone have any experience with running Auto-VPN over 4G connections?

Need a Site-to-Site VPN that can run over a 4G connection at each site.

Both sites do not have static IPs and can't use DDNS.

 

Hoping to run an MX67C at each site with a failover 4G dongle in each running a different 4G network for redundancy.

 

Any input/help would be greatly appreciated.

 

NolanHerring
Kind of a big deal

This is the beauty of Meraki Auto-VPN. You don't need static IP addresses to establish the tunnels. Since they are cloud managed, the cloud knows their public IPs and takes care of all the dark magic voodoo for you.

Each connection you have on the MX (WAN1/WAN2/CELL etc.) will build its own tunnel so fail-over should be smooth should one go down.

In theory your design should work though. I've done something similar, but the 4G was a backup. I'm sure you're aware of the financial costs you could end up with using 4G as the main circuit 😃

I'd recommend you review this as well:
https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-site_VPN_Settings

Nolan Herring | nolanwifi.com

@Johno_H

 

Actually, after further review I'm not sure how it will work if you're using that 4G dongle in addition to the built-in. Not sure if you can use both, to be honest.

 

From this page: https://documentation.meraki.com/MX/MX_Overviews_and_Specifications/MX67_and_MX68_Overview_and_Speci...

 

Is this SD-WAN over LTE? Can LTE be used as the primary uplink?

No. LTE link can be used as failover or single-uplink only.

 

So I know you can use the built-in LTE by itself as I have done this. It will work, just not sure what will happen if you try to use that dongle 4G thing you're talking about. A backup for the backup etc.

 

 

Nolan Herring | nolanwifi.com

I can't find any documentation about using the new cellular models' built-in LTE in addition to a USB dongle. I'm going to assume you can't. You'll just have to try it out lol.

What I do know will work (even though it's not technically supported) is using two MX67C. Say one has Verizon and the other AT&T. So you have your redundancy carrier-wise. And you can set up warm-spare with them (again not officially supported), but it does work. Fail-over won't be seamless, it's about 5 seconds or more fail-over from my testing.

If you're looking for more flexibility I think you could get two Cradlepoints as your LTE 'modems', and plug them into WAN 1 and WAN 2 and the MX won't know they are LTE devices and just act like they are normal circuits. That would also allow you to mount them wherever you want via Ethernet cable, so they won't be stuck where the MX has to sit the way the built-in modem in the MX has to. Might get better signal that way etc.
Nolan Herring | nolanwifi.com

Thanks for the help.

Yeah, running external 4G modems is the option I considered with the internal USB as the failover.

Mainly just need to make sure the VPN will work.

 

Australian 4G providers NAT and share public IPs for 4G services, which is why I am keen to know if the cloud-based VPN will get around this.

PhilipDAth
Kind of a big deal

With the MX67C you can use either the built-in 4G modem, or an external USB 4G modem, but not both. If you plug in an external USB 4G modem then it disables the internal 4G modem.

 

If you want to use two 4G modems then the external one will need to be a 4G "hotspot" style, with an Ethernet connection. Then you can plug it into "Internet 1". Note that it will be the primary WAN connection.
