Restrict MX64W 4G Traffic to Cisco Spark?

Solved
kordm
Getting noticed

Restrict MX64W 4G Traffic to Cisco Spark?

Hi all, I have a remote office with poor wireless WAN connectivity. I want to move that office to a VoIP system via Cisco Spark but I'm wary about reliability. I'm hoping to use a USB 4G modem as a backup so that office can still use their phones, but because the main connection is so shady, I don't want regular internet traffic consuming our allotted data unnecessarily.

 

Is there a way to restrict the MX64W to Spark traffic only when it has failed over to the 4G modem? I haven't done any research on Spark's firewall requirements but I don't see any per-connection restriction rules aside from global traffic shaping.

 

Any advice would be very much appreciated.

1 Accepted Solution
NolanHerring
Kind of a big deal

Is the spark an application on machines, or physical phones? If physical then you could just make sure they are on their own VLAN and only allow that VLAN over the cellular firewall rules.

If it is the application, then it gets harder to manage this. You would have to allow specific ports only I believe:

https://help.webex.com/en-us/WBX264/Network-Requirements
Nolan Herring | nolanwifi.com
TwitterLinkedIn

View solution in original post

3 Replies 3
NolanHerring
Kind of a big deal

Is the spark an application on machines, or physical phones? If physical then you could just make sure they are on their own VLAN and only allow that VLAN over the cellular firewall rules.

If it is the application, then it gets harder to manage this. You would have to allow specific ports only I believe:

https://help.webex.com/en-us/WBX264/Network-Requirements
Nolan Herring | nolanwifi.com
TwitterLinkedIn
kordm
Getting noticed

That's perfect. The phones are physical, I can just restrict the voice VLAN to 4G.

NolanHerring
Kind of a big deal

That should work and keep things simple for fail-over etc. However if you want to get a little fancier, you could just some custom performance classes for voice specific and let the SD-WAN feature determine which path is best for voice etc.

Good luck !
Nolan Herring | nolanwifi.com
TwitterLinkedIn
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels