Policy Routing

ghud312
Conversationalist

Policy Routing

I'd like to send default traffic from a vlan out of the internet link (WAN 2) and traffic with RFC 1918 destination out through the MPLS tunnel  (WAN 1) back to the data center? Is this possible on the MX-84? In the traffic shaping section, it doesnt look like I can use prefix-lists which I would need to add all of the private addresses. 

7 REPLIES 7
kYutobi
Kind of a big deal

kYutobi_0-1607020041286.png

 

Check Flow preferences. From there you can put what IPs you want out of either WAN1 or WAN2 

 

Enthusiast
ghud312
Conversationalist

@kYutobi So thats what I saw. I would like to have destination prefix for


10.0.0.0/8 ge 8,
172.16.0.0/12 ge 12,
192.168.0.0/16 ge 16

 

without having to type in each specific subnet.  Would it work with the greater than statement?

KarstenI
Kind of a big deal
Kind of a big deal

You dont't need the "ge X" here. Just put in the three major networks and you are good to go.

ghud312
Conversationalist

@KarstenI Ok, Thanks. Will give it a try.

Bruce
Kind of a big deal

@ghud312 any reason why you want to use a WAN port for your MPLS connection? Why not use a LAN port and configure routing on the MX for the appropriate addresses?

 

Just remember that unless you enable No NAT on the WAN port all traffic on the MPLS link will appear to come from one IP address - you may also need the inbound firewall rules enabled if you’re expecting inbound connections over the MPLS link to the WAN port.

KarstenI
Kind of a big deal
Kind of a big deal

@BruceMy reason would be to run AutoVPN over MPLS. Personally I like t encrypt all data between my sites, regardles of the transport.

ghud312
Conversationalist

I dont have a reason. I've been here 3 weeks and that's how its setup.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels