Azure vWAN VPN Automation

SOLVED
TaniaSanchez
Here to help

Azure vWAN VPN Automation

Hi!

 

I am trying to follow the steps for this document: Cisco Meraki MX Branch to Azure Virtual WAN Deployment Guide - Cisco Meraki

 

I have done everything as per the document, the function app gets deployed, it runs, no errors, everything is fine but no VPNs are deployed.

 

I have one single network in my lab with the tag as per the document. 

 

Screenshot 2021-04-09 162321.png

 

The function app has a role of network contributor: 

 

Screenshot 2021-04-09 162453.png

 

And I also created a VPN Gateway because even though the document says that the function app will do this I saw an error message saying that there was no VPN Gateway in the hub when I run the function app:

 

Screenshot 2021-04-09 162641.png 

And yes, the MX software is higher than 15.12. What am I missing?

 

Thanks!

 

Tania.

1 ACCEPTED SOLUTION
TaniaSanchez
Here to help

Hi!

 

Seeing there are no replies I will post what I found. Basically, everything was ok, the problem is that the app seems to do a preliminary check and then will create tunnels on subsequent checks when it finds a new site with the tag.

 

Solution: Make sure there are no tags when the function app is running, wait for the function app to do the first pass, this will take about 5-10 minutes (as the app runs every 5 minutes). Then add your tags. Then it works fine.

 

Another thing to note is that if you remove the tags then the tags are removed from the VPN configuration on the Meraki side and so no networks are passed and there is no connectivity, but the VPN that was created in Azure will remain there so no cleanup is done by the automation, only VPN creations.

 

Final thing to notice is that you must have created a VPN Gateway, the app doesn't create this for you. This is not mentioned in the document, where it just tells you that you need a VWAN and a VWAN Hub. You also need a VPN Gatway in the VWAN Hub you are going to tag.

 

I hope this is useful for anybody else testing this out.

View solution in original post

1 REPLY 1
TaniaSanchez
Here to help

Hi!

 

Seeing there are no replies I will post what I found. Basically, everything was ok, the problem is that the app seems to do a preliminary check and then will create tunnels on subsequent checks when it finds a new site with the tag.

 

Solution: Make sure there are no tags when the function app is running, wait for the function app to do the first pass, this will take about 5-10 minutes (as the app runs every 5 minutes). Then add your tags. Then it works fine.

 

Another thing to note is that if you remove the tags then the tags are removed from the VPN configuration on the Meraki side and so no networks are passed and there is no connectivity, but the VPN that was created in Azure will remain there so no cleanup is done by the automation, only VPN creations.

 

Final thing to notice is that you must have created a VPN Gateway, the app doesn't create this for you. This is not mentioned in the document, where it just tells you that you need a VWAN and a VWAN Hub. You also need a VPN Gatway in the VWAN Hub you are going to tag.

 

I hope this is useful for anybody else testing this out.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels