We are using the MX-84 appliances to connect our sites via auto-vpn setup. The site that has the shared resources has 2 Internet connections:
- WAN 1: 200 Mbps Microwave (our original Internet access which was replaced because it can be problematic)
- WAN 2: 200 Mbps Fiber (put in recently to replace Microwave as primary)
In SD-WAN settings we have the following settings:
- Primary Uplink - WAN 2 (the fiber connection)
- WAN Failover - Graceful
- Load Balancing - Disabled
- Active-Active VPN - Enabled
WAN 2 (the fiber) had no issues for the past year+ and still appeared to be working fine, however our site to site VPN tunnels fell over to the problematic WAN 1 the other day and caused a lot of issues with connecting to resources accross the WAN. It was very hard to realize this was the issue because Internet tests ran perfectly and showed traffic going out WAN 2. It took a little while for us to figure out it was due to the VPN failing over to WAN 1.
I assume that at some point WAN 2 had an issue and the VPN tunnels fell over to WAN 1, but shouldn't the VPN have fallen back to WAN 2 once any issue cleared up? Do I have to Disable Active Active to get to ensure the Primary WAN 2 is used?
