Meraki

Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Communication in Wan 2 is failed - SDWAN

Solved
aedm87
Conversationalist
‎Mar 18 2019 6:37 AM
‎Mar 18 2019 6:37 AM

Communication in Wan 2 is failed - SDWAN

Hi dears,

 

Community I need your help.

 

MX-HQ - MX in the HQ

MX-B - MX in the branch

 

I am trying run SD-WAN between HQ and branch, in wan 1 have connected a DIA and in wan 2 have connected the circuit mpls.

The communication in wan 1 is successfully to MX-HQ throug Internet, but the communication in wan 2 throug mpls is failed.

I have tested make a ping from MX-B to MX-HQ through the mpls circuit but there is not response. however, a ping from MX-B to the router in the branch that want replace with other ip address is successfully.

 

The segment mpls is a /25. so that all devices in this segment can see each other.

 

Any idea about this issue.

 

 

0 Kudos
1 Accepted Solution
In response to aedm87
jdsilva
Kind of a big deal
‎Mar 18 2019 9:45 AM
‎Mar 18 2019 9:45 AM

@aedm87 wrote:
 But in my case is necessary two wan active to run SD-WAN and understand that is possible with one DIA and one MPLS.

Sorry, but this is not currently possible. 

 

 

http://blog.brokennetwork.ca | @jdsilva

View solution in original post

14 Replies 14
NolanHerring
Kind of a big deal
‎Mar 18 2019 6:42 AM
‎Mar 18 2019 6:42 AM

If you could provide us with screenshots of the addressing and vlans and SD-WAN and Traffic Shaping pages please 😃
Nolan Herring | nolanwifi.com
TwitterLinkedIn
0 Kudos
In response to NolanHerring
aedm87
Conversationalist
‎Mar 18 2019 6:52 AM
‎Mar 18 2019 6:52 AM

Hi Nolan, thank you for your response.

 

For now I have not configured nothing in SD-WAN and Traffic Shaping. only enable wan 2 how primary uplink.

 

In addressing and vlans only I have created the subnets and vlans of the lan. without static route and of course the mx in mode routed.

 

 

0 Kudos
jdsilva
Kind of a big deal
‎Mar 18 2019 8:03 AM
‎Mar 18 2019 8:03 AM

@aedm87 wrote:

 

 

 and in wan 2 have connected the circuit mpls.

 

 

This is not supported. Meraki requires Internet access on the WAN ports of an MX. You cannot connect Private MPLS to the WAN port. You must use a LAN port (which means you can't use SD-WAN).

http://blog.brokennetwork.ca | @jdsilva
In response to jdsilva
aedm87
Conversationalist
‎Mar 18 2019 8:46 AM
‎Mar 18 2019 8:46 AM

Hi Jdsilva,

The Model is a MX67C, this model only has one wan but I enabled one lan port to that work it like a secondary wan.

you want tell me that is not necessary converted one lan port to wan port to connected the mpls circuit?

In that case, I understand then I would not really have load balancing between wan 1 and wan 2.
0 Kudos
In response to aedm87
Nash
Kind of a big deal
‎Mar 18 2019 9:12 AM
‎Mar 18 2019 9:12 AM

Are you trying to do something like AutoVPN as well as MPLS?

 

If so, Meraki has a document here on how to configure a failover situation. Please note that it does not discuss load balancing across the two links, as they are not both WAN.

 

Please also note that it clearly shows the MPLS connected as a LAN connection, as opposed to WAN. You might also find this article useful.

Windows 10 Client VPN scripts: Makes life better!
In response to Nash
aedm87
Conversationalist
‎Mar 18 2019 9:38 AM
‎Mar 18 2019 9:38 AM

Hi Nash,

Are you trying to do something like AutoVPN as well as MPLS?
Yes, that is the objective.

The documentation that you mentionate I have review it already. But in my case is necessary two wan active to run SD-WAN and understand that is possible with one DIA and one MPLS.
0 Kudos
In response to aedm87
jdsilva
Kind of a big deal
‎Mar 18 2019 9:45 AM
‎Mar 18 2019 9:45 AM

@aedm87 wrote:
 But in my case is necessary two wan active to run SD-WAN and understand that is possible with one DIA and one MPLS.

Sorry, but this is not currently possible. 

 

 

http://blog.brokennetwork.ca | @jdsilva
In response to jdsilva
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Mar 18 2019 2:18 PM
‎Mar 18 2019 2:18 PM

You can run AutoVPN over MPLS.  This is the deployment guide.  It allows for full SDN.

https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Site-to-site_VPN_over_MPLS

 

You can use MPLS with simple failover to AutoVPN:

https://documentation.meraki.com/MX/Deployment_Guides/MPLS_Failover_to_Meraki_Auto_VPN

 

 

There is also a super new beta feature called NO-NAT available in the 15.x code.  The documentation for this has been removed as it is being updated, but you could consider this option as well.

In response to PhilipDAth
aedm87
Conversationalist
‎Mar 18 2019 7:50 PM
‎Mar 18 2019 7:50 PM

Thank you PhilipDAth,

I hope to release soon this version....
0 Kudos
In response to jdsilva
aedm87
Conversationalist
‎Mar 18 2019 7:48 PM
‎Mar 18 2019 7:48 PM

Wow that if is bad.

If the world is not perfect because technology has to be =(

0 Kudos
hianilz
Getting noticed
‎Jan 30 2022 3:30 AM
‎Jan 30 2022 3:30 AM

Hi All,

 

i am facing same kind of issues.., can some help on this ??

 

 my WAN1 is conencting to Internet and WAN2 is to MPLS.

 

I need to maintain a Auto VPN for both WAN's.. 

 

At the moment my WAN2 interface status showing as "Failed" and not able to ping the gateway(which is ISP router and directly connected)

 

I know WAN2 interface will be active once it has internet reachability., but for i am trying to add one static route pointing to my Firewall interface from same subnet.., but again below error i am getting.

 

"The static LAN route "test" has an invalid next hop IP. The IP address 10.20.33.236 is not on a configured subnet"

 

kindly suggest on anove problem as we deployment in a week.

 

0 Kudos
In response to hianilz
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 31 2022 11:24 AM
‎Jan 31 2022 11:24 AM

You can't add a static route via a WAN port, but you can add a flow preference - but these only work if the WAN port is marked as up - which it isn't in your case.

 

https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen... 

0 Kudos
In response to PhilipDAth
hianilz
Getting noticed
‎Feb 1 2022 12:28 AM
‎Feb 1 2022 12:28 AM

Hi Phillip,

 

Thanks for your reply, I understood that we can not add static route via WAN port. But WAN2 port is still DOWN that will come up only if that interface reachable to Internet for that reason we want to add static rotue towards the LAN which firewall has Internet connection. 

Do you think if i add Flow Preference source as "MPLS Private subnet" and desitnation as "Dashboard IP's " and Preferred Link as "WAN1" which is Internet connected at the moment.

 

Please we need your advise on this problem.., we have deployment on Friday. 

0 Kudos
In response to hianilz
hianilz
Getting noticed
‎Feb 1 2022 12:44 AM
‎Feb 1 2022 12:44 AM

Hi @PhilipDAth  as per your suggistion i had added flow preference below is the error we are getting..,

 

There were errors in saving this configuration:

  • The IP address range 10.20.33.234/32 does not apply to any configured subnets.
  • The IP address range 10.20.33.235/32 does not apply to any configured subnets.

 

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.