How to monitor WAN uplink state

Emiliano
Here to help

How to monitor WAN uplink state

We have a lot of remote branches with a couple of MX in failover with 2 different WAN connections.

The SD-WAN configuration use both WAN links and we monitor VIPs and physical addresses of the MX via Paessler PRTG.

Sometimes for a degraded line or any other reason the SD-WAN acts with only 1 WAN link and we need to solve with a reboot of the ISP router. Unfortunately we are not informed that remote site is in that condition.

How can we check via Paessler PRTG? Is there an API or specific SNMP or syslog traps that we can try implement?

 

Any help is appreciated. Thanks in advance

4 Replies 4
alemabrahao
Kind of a big deal
Kind of a big deal

You can check the APIs here.

 

https://developer.cisco.com/meraki/api-v1/#!get-organization-appliance-vpn-stats

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
PhilipDAth
Kind of a big deal
Kind of a big deal

I don't know the answer.

 

I'm going to assume the link is working, and not fully down.  You would probably need to use some kind of latency of packet loss monitor and alert when the loss exceeds a certain threshold (say 25%).

GreenMan
Meraki Employee
Meraki Employee

For ease-of-use, I'd recommend the WAN Health component within Meraki Insight.   This can be configured with alerting, related to WAN link performance, not just whether a link is up or down.   Maybe get your Meraki account team to set you up a free trial initially?   Of course, Insight also provides a lot more than just WAN Health information too  https://documentation.meraki.com/Getting_Started_with_Meraki/Getting_Started_Resources/Meraki_Free_T...

 

Be aware too that Insight (and with it, WAN Health) is included within the SD-WAN+ MX license, which adds more goodness:   https://documentation.meraki.com/General_Administration/Licensing/Meraki_MX_Security_and_SD-WAN_Lice...

 

Note that, as with other MX licence levels, SD-WAN+ would need to be applied to all MXs in the Org - except for vMX and/or Z1/3/4 SoHo devices.

 

You can setup SNMP too - you might find that, for busy sites, monitoring each MX directly provides the best results:   this is the setup configured under Network-wide > General, as opposed to using the Dashboard as, effectively, a proxy for SNMP (configured at Organization level)

thanks for the informations! we have already activated Meraki Insight and we send emails based on the conditions of the latency of the packets and the change of state of the WAN.
the end customer who is enterprise level has not purchased SD-WAN+ license and I am afraid that it will not be possible to purchase it.
We would like to try to expose the data available from the dashboard on PRTG and perhaps the most suitable way is that of the API. On the other hand, regarding SNMP, Meraki support for MX and MR does not seem possible to be able to provide information on the state of the interfaces or on uptime as is the case for MS devices. Correct me if I'm wrong.

Get notified when there are additional replies to this discussion.