Have and SSID go out WAN 2

SOLVED
JordanNolan
Here to help

Have and SSID go out WAN 2

I have a primary fiber line that I use for VPN tunnels and Video Conferencing and other business critical services.  We also have a 100/20 Comcast line for emergency fail over.

 

The reception in the building is terrible so I like to have a mobile SSID available for the employees to do WiFi calling or check their emails on their breaks.  For this I use the Meraki DHCP and NAT settings on the SSID which gives the mobile devices a 10.0.0.0/8 IP.  

 

I currently limit the bandwidth on the Mobile SSID but I would rather just send the traffic out the lower quality failover Comcast line.  However, I am having a little trouble because my internal IPs are 10.0.x.x as well.  I do not see a way to send traffic out an interface by VLAN or SSID.

1 ACCEPTED SOLUTION
NolanHerring
Kind of a big deal

I believe in theory for this to work, you would have to use bridge-mode and have a dedicated VLAN for the mobile SSID your talking about.

 

Then, using that subnet you provide it, you would go into Security & SD-WAN > SD-WAN & Traffic Shaping, and there configure Flow Preferences.

 

So your source would be that subnet for that SSID, and preferred uplink would be WAN 2 for example.

Nolan Herring | nolanwifi.com
TwitterLinkedIn

View solution in original post

5 REPLIES 5
NolanHerring
Kind of a big deal

I believe in theory for this to work, you would have to use bridge-mode and have a dedicated VLAN for the mobile SSID your talking about.

 

Then, using that subnet you provide it, you would go into Security & SD-WAN > SD-WAN & Traffic Shaping, and there configure Flow Preferences.

 

So your source would be that subnet for that SSID, and preferred uplink would be WAN 2 for example.

Nolan Herring | nolanwifi.com
TwitterLinkedIn

Thanks,

I supposed I could use the MX as a DCHP for that VLAN for the SSID and use a smaller subnet which would allow me to route the traffic.

Correct

Make the MX the default gateway/DHCP etc. Just need to make sure your AP ports are configured for whatever the new VLAN is your going to use, since you'll have to tag the VLAN on the SSID settings for it to get dropped into the network correctly.
Nolan Herring | nolanwifi.com
TwitterLinkedIn

And keep in mind that the word used is 'preferred' so if WAN 2 goes down, it will fail-over to WAN1

Just as an FYI if you were under the impression that if your Comcast goes down, the mobile SSID goes down with it.
Nolan Herring | nolanwifi.com
TwitterLinkedIn

Alternatively if your AP’s are all on the same management vlan you could configure that subnet to flow preference out wan2. When doing dhcp with NAT on a MR all clients src NAT to management IP of MR pre egress.

 

In this scenario the MR would also talk to the dashboard using WAN2.

 

food for thought

 

cheers

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels