Nat Failover

Comes here often

Nat Failover



Newer to Meraki and so far its been great. I have seen solutions in the forum that are very close to what I am looking for and maybe I'm completely over thinking or their is different solution. We have 2 ISP's with blocks of ip's for both. We have several NAT's identified for various services on our main internet service (WAN 1), with our 2nd internet set to failover. I would like to create additional NAT's on the 2nd internet (failover) that are using the same private ip, and we would then have our dns use health checks in order to failover. 


Im hung up on where the traffic is going to go out if I have 2 nats for the same server on 2 separate isp's. Will this cause packet drops, asynchronous, etc..?


Does the Primary Uplink setting not allow traffic to go out the 2nd wan (failover) NAT  if it is set to WAN 1?


Do the NAT's on WAN2 (failover) not allow connectivity until the primary uplink (WAN 1) fails?






Wan1 - server1 private port 443 ip, nat to public  - main dns w/ health check

Wan2 - server1 private port 443 ip nat to public  - failover dns


Thanks for any help!



Kind of a big deal
Kind of a big deal

@EPDK I'm not 100% on this, but as it is inbound NAT then you should simply be able to create the two NAT rules as described and the server will send the return traffic back to the MX.  As the MX has the inbound flow, it will match the replies and send it back out of the correct WAN port.


At least that's how it works with our Enterprise edge firewalls...

Kind of a big deal

I‘m completely with @cmr here. Pretty straight forward with Meraki easiness

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.