Meraki

EPDK · ‎Mar 22 2021

Hello!

Newer to Meraki and so far its been great. I have seen solutions in the forum that are very close to what I am looking for and maybe I'm completely over thinking or their is different solution. We have 2 ISP's with blocks of ip's for both. We have several NAT's identified for various services on our main internet service (WAN 1), with our 2nd internet set to failover. I would like to create additional NAT's on the 2nd internet (failover) that are using the same private ip, and we would then have our dns use health checks in order to failover.

Im hung up on where the traffic is going to go out if I have 2 nats for the same server on 2 separate isp's. Will this cause packet drops, asynchronous, etc..?

Does the Primary Uplink setting not allow traffic to go out the 2nd wan (failover) NAT if it is set to WAN 1?

Do the NAT's on WAN2 (failover) not allow connectivity until the primary uplink (WAN 1) fails?

example

Wan1 - server1 private port 443 ip 192.168.1.1, nat to 1.1.1.1 public - main dns w/ health check www.example.com

Wan2 - server1 private port 443 ip 192.168.1.1. nat to 2.2.2.2 public - failover dns www.example.com

Thanks for any help!

cmr · ‎Mar 22 2021

@EPDK I'm not 100% on this, but as it is inbound NAT then you should simply be able to create the two NAT rules as described and the server will send the return traffic back to the MX. As the MX has the inbound flow, it will match the replies and send it back out of the correct WAN port.

At least that's how it works with our Enterprise edge firewalls...

If my answer solves your problem please click Accept as Solution so others can benefit from it.

CptnCrnch · ‎Mar 23 2021

I‘m completely with @cmr here. Pretty straight forward with Meraki easiness

Meraki

Community

Nat Failover

Nat Failover