Meraki

Community

SD-WAN | INTERNET OVER MPLS

Solved
fsantos
Comes here often
‎Oct 18 2023 2:26 PM
‎Oct 18 2023 2:26 PM

SD-WAN | INTERNET OVER MPLS

Hi Community!

 

  I need your opinion about the following topology, I currently have an MX with an internet link and an MPLS link, I would like to know if you have found a way to conmute the internet over MPLS, that is, when the local internet goes down use the internet over MPLS, maybe with a default route for example . I have placed an image as a reference of the topology, at the moment according to the documentation that I have found it is not possible, but perhaps you have found a solution

fsantos_1-1697664334977.png

 

Labels:
0 Kudos
1 Accepted Solution
StevePF
Getting noticed
‎Oct 19 2023 12:40 PM
‎Oct 19 2023 12:40 PM

Same here, I used this configuration as a transition from MPLS to Internet-based SD-WAN.

But I add some additional stuff, like allowing split tunnel and use WAN 1 (Internet circuit) as Primary uplink and disabled the load balancing.  I also added some SD-WAN policies to use WAN 2 (MPLS circuit) for voice and some sensitive traffic to our DC.

This was more predictable until I all the MPLS circuits were removed. After that, I used the uplink load balancing and modify the SD-WAN policies to use the best for voice or other custom performance classes.

View solution in original post

0 Kudos
10 Replies 10
ww
Kind of a big deal
Kind of a big deal
‎Oct 18 2023 2:42 PM
‎Oct 18 2023 2:42 PM

https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Site-to-site_VPN_over_MPLS

In response to ww
fsantos
Comes here often
‎Oct 18 2023 2:58 PM
‎Oct 18 2023 2:58 PM

Thanks for you answer, currently i have this solution in my infraestructure.

 

MPLS Failover to Meraki Auto VPN - Cisco Meraki

0 Kudos
cmr
Kind of a big deal
Kind of a big deal
‎Oct 19 2023 2:35 AM
‎Oct 19 2023 2:35 AM

We have a similar requirement and at the hub we have the MXs in single ended concentrator mode.  That allows it all to work as you wish.

If my answer solves your problem please click Accept as Solution so others can benefit from it.
0 Kudos
StevePF
Getting noticed
‎Oct 19 2023 12:40 PM
‎Oct 19 2023 12:40 PM

Same here, I used this configuration as a transition from MPLS to Internet-based SD-WAN.

But I add some additional stuff, like allowing split tunnel and use WAN 1 (Internet circuit) as Primary uplink and disabled the load balancing.  I also added some SD-WAN policies to use WAN 2 (MPLS circuit) for voice and some sensitive traffic to our DC.

This was more predictable until I all the MPLS circuits were removed. After that, I used the uplink load balancing and modify the SD-WAN policies to use the best for voice or other custom performance classes.

0 Kudos
In response to StevePF
fsantos
Comes here often
‎Oct 20 2023 8:18 PM
‎Oct 20 2023 8:18 PM

Thanks! 

0 Kudos
rpidcock1
Here to help
‎Dec 19 2024 10:38 AM
‎Dec 19 2024 10:38 AM

So in this scenario, did you peer any routing protocols with the MPLS provider?  Did you enable BGP on your MX?

0 Kudos
In response to rpidcock1
fsantos
Comes here often
‎Dec 19 2024 10:45 AM
‎Dec 19 2024 10:45 AM

At that time there was no BGP feature, I did it with conditional static routes. Now the bgp option makes more sense.

0 Kudos
In response to fsantos
rpidcock1
Here to help
‎Dec 19 2024 10:59 AM
‎Dec 19 2024 10:59 AM

So are you using BGP today, or still static routing.   

 

0 Kudos
In response to rpidcock1
fsantos
Comes here often
‎Dec 19 2024 11:07 AM
‎Dec 19 2024 11:07 AM

still static, but I am considering BGP.

0 Kudos
In response to fsantos
rpidcock1
Here to help
‎Dec 19 2024 11:13 AM
‎Dec 19 2024 11:13 AM

I'm actively working on trying to get a site setup with this very scenario.  My problem is that I have different ASN's at my remote branches (i.e. 646xx where xx = branch number).  I'd love to visit with you sometime if you had a few minutes to chat about the overall setup.  Maybe we could compare notes a little as to our specific network environments.

 

Send me a direct message if you'd like to try to link up for a brief discussion.

0 Kudos
Back to the top
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2025 Cisco Systems, Inc.