cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Select few application (layer 7) to breakout locally

SOLVED
Highlighted
Comes here often

Select few application (layer 7) to breakout locally

Hi,

 

My customer has few sites and all have internet. We are proposing Meraki MX with SD-WAN. Customer wants to select certain application (e.g O365 etc) to break out (Internet) locally and remaining application to go over the tunnel to HO? Is that possible?

 

Thanks,

Aamir

1 ACCEPTED SOLUTION

Accepted Solutions
Kind of a big deal

Re: Select few application (layer 7) to breakout locally

Not really.  You really want to break out all Internet access locally or you'll have grief.

View solution in original post

4 REPLIES 4
Kind of a big deal

Re: Select few application (layer 7) to breakout locally

Not really.  You really want to break out all Internet access locally or you'll have grief.

View solution in original post

Highlighted
Comes here often

Re: Select few application (layer 7) to breakout locally

ok can we just say www.outlook.com to break out locally and remaining internet traffic to go to HO via tunnel in all the sites or even that's not possible?

Highlighted
Head in the Cloud

Re: Select few application (layer 7) to breakout locally

Hi @Aamir 

I believe the understanding is

We can have a FULL Tunnel / SPLIT Tunnel. [We may send All / only the Remote Subnet Traffic via the Tunnel]

Tunneling

There are two tunneling modes available for MX-Z appliances configured as a Spoke:

  • Split tunnel (no default route): Send only site-to-site traffic, meaning that if a subnet is at a remote site, the traffic destined for that subnet is sent over the VPN. However, if traffic is destined for a network that is not in the VPN mesh (for example, traffic going to a public web service such as www.google.com), the traffic is not sent over the VPN. Instead this traffic is routed using another available route, most commonly being sent directly to the Internet from the local MX device. Split tunneling allows for the configuration of multiple hubs.
  • Full tunnel (default route): The configured Exit hub(s) advertise a default route over Auto VPN to the spoke MX. Traffic destined for subnets that are not reachable through other routes will be sent over VPN to the Exit hub(s). Exit hubs' default routes will be prioritized in descending order.

 

 

Regards
Ajit
ajitsnw@gmail.com
Highlighted
Comes here often

Re: Select few application (layer 7) to breakout locally

thanks a lot.

Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.