Meraki

SopheakMang · ‎Mar 22 2020

Dear expert ,

i want to ask related to route flow on VPN MX ,

i have DC (VPN-CON) and DR(VPN-CON) , we also has 10 branches and peer with both DC and DR.

Everything working fine, but now we have some services that are in DR and DC don't have. so we want branches (MX spoke) access DR direct without going to DC MX(hub).

even i put local subnet 10.0.10.0/24 advertise in DR (site 2 site vpn) , Routing table at Spoke show that 10.0.10.0/24 is next hop DR-VPN , but when i do trace-route , it still go to DC MX , then go via VPN between MX DC to MX-DR.

any solution that , traffic will not to go DR direct ?

PhilipDAth · ‎Mar 22 2020

Have you configured the spokes to connect to both hubs?

SopheakMang · ‎Mar 23 2020

Dear philip,

Yes we have peer vpn to both site.

MerakiDave · ‎Mar 23 2020

Hi @SopheakMang it sounds like this should just be regular hub priority? Meaning, if you take out any static routes and/or local subnets, on your "branch" MX, on the Site-to-Site VPN config page, if you have defined both hub appliances, DC and DR, in that order, just grab the 4-way arrow and drag and drop DR to be the first in the list. Sorry if I misunderstood the question but that's what it sounded like.

SopheakMang · ‎Mar 30 2020

Dear bro ,

After done packet capture , it works as my expectation. Thanks

Meraki

Community

DC and DR subnets route in vpn

DC and DR subnets route in vpn