Showing results for 
Show  only  | Search instead for 
Did you mean: 

Configure WAN Failover for specific clients (tags) and/or VLANs?

New here

Configure WAN Failover for specific clients (tags) and/or VLANs?

We currently have a fiber primary WAN connection.  We have a specific VLAN that is highly dependent on constant internet connection, and thus we have a VSAT (satellite) back up WAN connection.  


The VSAT is pay for use and VERY expensive.  Is there a way to configure our MX for WAN failover so only specific VLANs can failover to the VSAT connection in cases when the primary WAN connection goes down?  Alternatively, would we be able to tag certain clients/ports/users that can access the VSAT connection during a primary outage situation?  

Meraki Employee

Re: Configure WAN Failover for specific clients (tags) and/or VLANs?

Absolutely, to begin with you could select your fiber to be the primary path for all traffic. The VSAT link could sit on the other WAN port but through settings in Security Appliance > Traffic Shaping, be told to only ever pass traffic when your fiber is down.


You'd have to get Meraki Support or your Meraki SE to enable this - but we can enable functionality where when failing over to your other WAN path we can enable the use of the cellular firewall rules you define that those page. This means you could have additional firewall rules enforced when you start using your VSAT path. IE. to block out non-critical VLANs, backups, etc.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.