Meraki

Community

Heavily restricting allowed traffic on WAN2?

Solved
DR1
Getting noticed
‎May 8 2021 10:09 AM
‎May 8 2021 10:09 AM

Heavily restricting allowed traffic on WAN2?

Hello,

 

I'm looking for advise on how best to approach limiting WAN2 traffic in the event of a failover from WAN1.

 

Our WAN1 is a 1Gbps-FD fiber connection. If its online, we want all traffic types to use it inclusively.

 

Our WAN2 is connected to a 4G LTE modem with limited speeds and expensive bandwidth. If WAN1 goes offline, we only want to allow some VoIP, Point-of-Sale transactions, and dashboard control traffic to pass over it.

 

This would be really easy if we were able to use the 4G LTE fail-over USB port. It has a dedicated IP table for limiting traffic types.

I however can't find anything similar that allows for specific restrictions on WAN2.

 

There must be more than one way to do this right?

 

0 Kudos
1 Accepted Solution
Bruce
Kind of a big deal
‎May 8 2021 5:58 PM
‎May 8 2021 5:58 PM

Log a support case, they should be able to configure your network so that the Cellular firewall rules apply to WAN2 for exactly this purpose - allowing you to restrict what goes out WAN2.

View solution in original post

4 Replies 4
ww
Kind of a big deal
Kind of a big deal
‎May 8 2021 11:02 AM
‎May 8 2021 11:02 AM

https://community.meraki.com/t5/Security-SD-WAN/Restrict-traffic-on-the-failover-WAN/m-p/105666#M267...

Bruce
Kind of a big deal
‎May 8 2021 5:58 PM
‎May 8 2021 5:58 PM

Log a support case, they should be able to configure your network so that the Cellular firewall rules apply to WAN2 for exactly this purpose - allowing you to restrict what goes out WAN2.

In response to Bruce
Crocker
A model citizen
‎May 10 2021 10:08 AM
‎May 10 2021 10:08 AM

Chiming in with a learned lession. If you're using a full-tunnel AutoVPN (or if any of the traffic you want to limit traverses the AutoVPN, to be specific), cellular firewall rules will not apply even with the bodge from support.

DR1
Getting noticed
‎May 19 2021 9:13 AM
‎May 19 2021 9:13 AM

As was suggested by a few members, all it took was a call to support. They switched the Cellular firewall rules so they would apply to WAN2.

 

Thank you

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2025 Cisco Systems, Inc.