SDWAN with 2 uplink Internet and MPLS

JorgeL
Here to help

SDWAN with 2 uplink Internet and MPLS

Hi people,

 

I hope you can help me, attached a diagram:

MX MPLS.png

In the Datacenter we have the MX250 in NAT mode, with the Internet1 port connected to ISP with internet (with access to the Meraki dashboard), and the Internet2 port connected to ISP with MPLS only.

 

In the branch it is the same, we have the MX67 in NAT mode, with the Internet port connected to ISP with internet (with access to the Meraki board), and port2 (setting as uplink) connected to ISP with MPLS.

 

Through the Internet link, the MX devices connect and registry to the dashboard and build VPN, but the MPLS link no found, the port status is "Failed" on both sites:

 

WAN2 Failed.JPG

 

The transport on the MPLS link was tested, the connectivity is sussesfully.

 

What configuration do you recommend to provide the 2 operational uplinks (Internet and MPLS)?

 

Tks

Jorge

 

 

5 REPLIES 5
PhilipDAth
Kind of a big deal
Kind of a big deal

It will be because the MPLS circuit is not providing a path to the Internet.

 

You have two deployment scenarios.  Use AutoVPN as a backup for MPLS, and leave the MPLS as is.

https://documentation.meraki.com/MX/Deployment_Guides/MPLS_Failover_to_Meraki_Auto_VPN

 

The other option is to connect MPLS to the Internet and use AutoVPN over both paths.

https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Site-to-site_VPN_over_MPLS

Note that the diagram shows the MX in VPN concentrator mode.  It is possible to make this work in NAT mode as well, but you need an additional firewall or something else to provide Internet Access for the MPLS network.

Thank you for your response, this means that without internet it is not possible to use AutoVPN ??
Is it better to have 2 internet uplinks that 1 internet uplink and 1 of MPLS?

Tks
Jorge
PhilipDAth
Kind of a big deal
Kind of a big deal

>Is it better to have 2 internet uplinks that 1 internet uplink and 1 of MPLS?

 

I tend to go for two Internet circuits ...

abs4network
Conversationalist

Had a similar issue and the MPLS had no internet exit so there is a 3rd way as well, you can participate in the Beta version which will help over the issue. You will have to call Meraki TAC to be able to get this working and register for the Beta version. The Beta works, just not publicly released because they are still testing it across the million scenarios at user production.

 

https://documentation.meraki.com/MX/Networks_and_Routing/BGP

 

Hope that helps.


Thanks,

Abs

 

Thanks, I will try to call the TAC to use the BETA version.

Jorge
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels