Meraki

guitb · ‎Jun 25 2025

Is there a way to block specific traffic to no use WAN 2 on the MX? Even if WAN 1 becomes unavailable, the traffic should be blocked.

alemabrahao · ‎Jun 25 2025

No, it's not, if you block a destination it is independent of which WAN you are using.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

Blue_Bird · ‎Jun 25 2025

Hi check this: https://community.meraki.com/t5/Security-SD-WAN/Restrict-traffic-on-the-failover-WAN/m-p/105615

jimmyt234 · ‎Jun 25 2025

There is a rumoured secret back-end feature that Meraki support can turn on that converts the Cellular failover rules to work as a WAN 2 firewall policy. Worth reaching out to support and getting clarification.

Re: Cellular Failover Ruleset Behavior - The Meraki Community

Solved: Heavily restricting allowed traffic on WAN2? - The Meraki Community

bperezgo · ‎Jun 25 2025

Hi @guitb,

I agree with @jimmyt234, please open a case with Support to request your network(s)/org is added a checkbox on the Firewall page to enable/disable cellular failover rules. You may reference this KB in the case description so we're aware of exactly what you're looking for!

The feature allows the Cellular Failover Rules to be used for when the non-primary uplink is activated. For example, if WAN 1 is primary and fails over to WAN 2 and the MX has this feature applied, the cellular failover rules will apply to traffic going over WAN 2 instead of the default Outbound rules. This is useful for customers that have a cellular to Ethernet bridge or a metered connection on their non-primary uplink.

Cheers,

If you found this post helpful, please give it kudos. If my answer solved your problem, click "accept as solution" so that others can benefit from it.

Meraki

Community

Block traffic on a specific WAN

Block traffic on a specific WAN