Configure WAN Failover for specific clients (tags) and/or VLANs?

mizike2
New here

Configure WAN Failover for specific clients (tags) and/or VLANs?

We currently have a fiber primary WAN connection.  We have a specific VLAN that is highly dependent on constant internet connection, and thus we have a VSAT (satellite) back up WAN connection.  

 

The VSAT is pay for use and VERY expensive.  Is there a way to configure our MX for WAN failover so only specific VLANs can failover to the VSAT connection in cases when the primary WAN connection goes down?  Alternatively, would we be able to tag certain clients/ports/users that can access the VSAT connection during a primary outage situation?  

1 Reply 1
RyanB
Meraki Employee
Meraki Employee

Absolutely, to begin with you could select your fiber to be the primary path for all traffic. The VSAT link could sit on the other WAN port but through settings in Security Appliance > Traffic Shaping, be told to only ever pass traffic when your fiber is down.

 

You'd have to get Meraki Support or your Meraki SE to enable this - but we can enable functionality where when failing over to your other WAN path we can enable the use of the cellular firewall rules you define that those page. This means you could have additional firewall rules enforced when you start using your VSAT path. IE. to block out non-critical VLANs, backups, etc.

Get notified when there are additional replies to this discussion.