Force traffic out WAN 2 when WAN status showing as failed

UCcert
Kind of a big deal

Force traffic out WAN 2 when WAN status showing as failed

Question from the field.  Customer wants to utilise WAN 2 on a HA pair of MX's to route traffic out to the PSN (public sector private wan).  On the MX we can reach the remote side servers, DNS etc.  Situation is that the WAN status on the ports are showing as Failed.  We've gone through the connection monitor tests on WAN 2 and they all come back successful.  A traceroute from the downstream traffic (Meraki MS switches) is showing as hitting the MX and trying to route out via WAN 1.  

 

Is this because the MX is reporting WAN 2 as failed (despite reachability tests working from the MX 2 interfaces)?  

 

And can Meraki support enable anything to force this traffic out despite the status of the port?  We never want it to route out via WAN 1 so the status of the port in this case is irrelevant.

Darren O'Connor | uccert.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
2 REPLIES 2
PhilipDAth
Kind of a big deal

>Is this because the MX is reporting WAN 2 as failed (despite reachability tests working from the MX 2 interfaces)?  

 

Correct.

 

>And can Meraki support enable anything to force this traffic out despite the status of the port?  We

 

Not to the best of my knowledge.

 

 

Can you use a VLAN port instead?

UCcert
Kind of a big deal

Hi @PhilipDAth , appreciate the response.  Just as I feared.  The traffic needs to be be PAT'ed so we can't use a VLAN in this instance.

Darren O'Connor | uccert.co.uk
https://www.linkedin.com/in/darrenoconnor/

I'm not an employee of Cisco/Meraki. My posts are based on Meraki best practice and what has worked for me in the field.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels