MG21 and Failover

Solved
RobertStark
Here to help

MG21 and Failover

I am posting here as I don't see any other topic area which covers cellular and I figured this is a setting for my network on my SD-WAN MX-84. Hi, I just received the MG21, got the license registered and the cellular SIM put it. All seems to be working. The only thing I am having a hard time with is finding out how to do the cellular failover. Maybe I am not seeing the proper documentation. But my needs are this. I would like the traffic to be directed through cellular only after a network failure of my main uplink (from fiberoptic link). I was told there was some sort of rules that could be set on the firewall. Any pointers to the info would be great. Thanks.

1 Accepted Solution
KarstenI
Kind of a big deal
Kind of a big deal

You find the relevant settings under "SD-WAN & traffic shaping". Assuming the MG21 is connected to WAN2, you have to:

  • Set the primary Uplink to WAN1
  • Disable Load balancing
  • Disable Active-Active AutoVPN
  • Have no Flow- and uplink preferences configured.

Now your fibre line is primary and the cellular gateway will be used as a backup.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.

View solution in original post

6 Replies 6
KarstenI
Kind of a big deal
Kind of a big deal

You find the relevant settings under "SD-WAN & traffic shaping". Assuming the MG21 is connected to WAN2, you have to:

  • Set the primary Uplink to WAN1
  • Disable Load balancing
  • Disable Active-Active AutoVPN
  • Have no Flow- and uplink preferences configured.

Now your fibre line is primary and the cellular gateway will be used as a backup.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
RobertStark
Here to help

Thank you for that answer. I started to work on this today and realized I might have a problem. I am wondering about my configuration. I would like to plug in my MG21 directly to my MX84 Security Appliance as a WAN2. However, for some reason the "bigger and better" security appliance I bought does not have POE. which means I would have to purchase a power source and makes this less appealing as this is for emergencies like when the internet goes out (and power goes out). I have backup electricity for all of my appliances. Anyways, I can plug it in to my MS220-48LP switch which can provide POE which plugs into my security appliance. Does this complicate the situation if I am trying to stick with POE to power my cellular gateway? Any thoughts? I also though of the possibility of using two wires. There are two ports on my Cellular Gateway. I could plug one ethernet cable into the WAN2 on the security appliance and the the POE port on the cellular gateway could be plugged into the switch for power.

KarstenI
Kind of a big deal
Kind of a big deal

As a rule of thumb, the external traffic should not run through an internal switch.

I would go for an external power injector. Either a regular one or something like a ZyXel 5-port PoE switch as I have to connect my MG41 to the MX68.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
RobertStark
Here to help

Thank you!

RobertStark
Here to help

Thanks again. I would like to say for the record, that Meraki should have POE on at least a couple of the ports on the Mx84 for this very reason. I realize that the cellular ran on USB at one time, but if they offer a product that uses ethernet and POE, like the MG21, then they should have a solution on the security appliance to match. 

KarstenI
Kind of a big deal
Kind of a big deal

Well, the newer models, like the MX85, has PoE on one of the WAN-ports. But the older devices all don't have this.

If you found this post helpful, please give it Kudos. If my answer solves your problem, please click Accept as Solution so others can benefit from it.
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels