Meraki

Community

Load balancing with Client/AnyConnect VPN

Solved
SteveDW
Here to help
‎Oct 5 2022 1:32 PM
‎Oct 5 2022 1:32 PM

Load balancing with Client/AnyConnect VPN

Hello all, I currently have Client VPN and AnyConnect VPN working great with two stacked MX250s with a WAN1 and WAN2 circuit. I discovered that when activating load balancing with WAN1 and WAN2, the VPN connection on the client computer has proven to be unreliable with random results. The traffic will randomly go through either WAN1 or WAN2. Thus, this changes the IP address on the client. In addition, I discovered the DDNS assigned name xxxxx.dynamic-m.com keeps changing the IP addresses between the two WAN ports.

 

I have researched a bit on the Meraki MX device and discovered there is a "SD-WAN policies" section that includes a "VPN traffic" option. I suspect that if I "add a preference" and choose "load balance" for a certain "performance class," this may resolve the problem. Is this correct? If not, can you please provide some insight on this?

 

Please let me know if I need to clarify this further. I really appreciate any input. Thanks in advance.

Labels:
0 Kudos
1 Accepted Solution
RaphaelL
Kind of a big deal
Kind of a big deal
‎Oct 5 2022 2:03 PM
‎Oct 5 2022 2:03 PM

That's correct. This documentation covers some topics that you are searching : https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen...

View solution in original post

0 Kudos
3 Replies 3
RaphaelL
Kind of a big deal
Kind of a big deal
‎Oct 5 2022 2:03 PM
‎Oct 5 2022 2:03 PM

That's correct. This documentation covers some topics that you are searching : https://documentation.meraki.com/MX/Firewall_and_Traffic_Shaping/MX_Load_Balancing_and_Flow_Preferen...

0 Kudos
In response to RaphaelL
SteveDW
Here to help
‎Oct 5 2022 2:13 PM
‎Oct 5 2022 2:13 PM

Thank you so much. I appreciate the feedback!

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Oct 5 2022 8:12 PM
‎Oct 5 2022 8:12 PM

>In addition, I discovered the DDNS assigned name xxxxx.dynamic-m.com keeps changing the IP addresses between the two WAN ports.

 

This should ONLY happen if the primary WAN interface goes down - and in no other case.  AnyConnect clients terminating on an MX do no load balance across the WAN ports.

 

I think you might have a bug in the firmware version you are using.  I would try upgrading to the latest stable release, ot the latest in the release train you are already using.

0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.