cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

SD-WAN and local breakout for O365 and Microsoft Updates

Highlighted
Here to help

SD-WAN and local breakout for O365 and Microsoft Updates

Hello community,

 

I received the following scenario from our customers:

 

MX (Spoke) have one DSL Internet WAN Port 1 and one MPLS WAN Port 2, the MPLS have a local internet breakout. This gives us the opportunity to set up a VPN to the MX (hub) on both WAN ports.

 

Now the voice communication should go over the MPLS VPN and the rest of the internal communication and the internet communication over the VPN at WAN port 1.In addition, the customer wants the Office 365 and Microsoft updates to go out via the local breakout, i.e. directly on the MX via the DSL connection.

 

I can configure voice traffic via VPN TrafficShaping.
And I can configure internal traffic and Internet traffic with the default route in the VPN Site2Site.

 

But how do you configure the routes to push the Office 365 and Microsoft upgrade locally via the DSL connection?

 

Can someone help me here?

 

thank you

5 REPLIES 5
Highlighted
Kind of a big deal

Re: SD-WAN and local breakout for O365 and Microsoft Updates

Highlighted
Here to help

Re: SD-WAN and local breakout for O365 and Microsoft Updates

Hello Uberseehandel,

 

if I now understand the articles correctly, then the VPN settings are on the Windows desktop. But I want to configure the routing on the MX.

 

besrt regards

Nikolai

Highlighted
Kind of a big deal

Re: SD-WAN and local breakout for O365 and Microsoft Updates

Highlighted
Kind of a big deal
Kind of a big deal

Re: SD-WAN and local breakout for O365 and Microsoft Updates

@Uberseehandel @Nikolai_Borhart is talking about site to site VPNs, not client VPNs

Highlighted
Kind of a big deal

Re: SD-WAN and local breakout for O365 and Microsoft Updates

@cmr 

Please see - https://docs.microsoft.com/en-us/Office365/Enterprise/office-365-vpn-split-tunnel 

 

This explains how to identify the O365 traffic, which is why I posted it as "helpful" rather than the solution . . . 

 

MS explains how to select the relevant traffic, specifically "to mitigate the risk of VPN infrastructure saturation", it makes sense to use the same logic to route the O365 traffic to a specific WAN port.🤓😷

 

 

Robin St.Clair | Principal, Caithness Analytics | @uberseehandel
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.