cancel
Showing results forย 
Showย ย onlyย  | Search instead forย 
Did you mean:ย 

Local breakout from autovpn

Highlighted
A model citizen

Local breakout from autovpn

Taken from my LinkedIn feed from Gary Daly


[๐Œ๐— ๐”๐ฉ๐๐š๐ญ๐ž] ๐‹๐จ๐œ๐š๐ฅ ๐ˆ๐ง๐ญ๐ž๐ซ๐ง๐ž๐ญ ๐๐ซ๐ž๐š๐ค๐จ๐ฎ๐ญ (๐ˆ๐ ๐๐š๐ฌ๐ž๐) ๐Ž๐ฎ๐ญ ๐๐จ๐ฐ

One of the most popular ask from our customers is to locally breakout certain destination traffic.

We are pleased to announce that Local Internet Breakout for Meraki AutoVPN is officially released for all of our customers.

4939B1CD-55AD-468D-9615-779DB9096CDF.jpeg

โ€ƒ

2 REPLIES 2
Highlighted
Here to help

Re: Local breakout from autovpn

what version firmware does the device need to be on to see this change?

Highlighted
Building a reputation

Re: Local breakout from autovpn

Has anyone tested this? It's not working for me.

 

I have a spoke site with the default route box checked, so all traffic goes back to the main head-end. I also have a 0.0.0.0/0 route advertised from the hub to the spoke sites.

 

I added ANY 1.1.1.1/32. If I try to ping from the spoke site Meraki (vlan, default, or internet) it does not work. Doing a trace from a device connected to the Meraki shows it's still following default route.

 

Do we know if routes advertised from the main hub have a higher priority than the VPN exclusion?

 

Aaron_Wilson_2-1596486832424.png

 

Aaron_Wilson_0-1596486733465.png

 

Aaron_Wilson_1-1596486783585.png

 

 

Now, if I use trace route on the Meraki this uses ONLY the WAN interface rule and bypasses all settings/rules/routes. Works just fine, but this is expected.

 

Aaron_Wilson_3-1596486981688.png

 

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.