Meraki

Community

Spoke and Hub question

Solved
Hatamoto
Conversationalist
‎Apr 1 2019 6:20 AM
‎Apr 1 2019 6:20 AM

Spoke and Hub question

Hello all, I am a Meraki novice.

 

I have an MPLS in a remote location that is at 95% utilized at 1.4mbps. I want to go to our gigabit connection (on port 2 of the switch side of the MX-60 with an IP of 192.168.11.3) and do a vpn spoke to our HQ. The 60 only has a single WAN port, and i don't want to lose the route-able address, how do i route all the traffic to switch port 2 so i can run everything through the gigabit connection while keeping the WAN the same?

 

Thank you for any help! 

0 Kudos
1 Accepted Solution
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 1 2019 12:27 PM
‎Apr 1 2019 12:27 PM

The MX60 (compared to modern appliances) has quite low VPN throughput.  I don't know the exact number, but I could see it only being in the 10's of Mb/s.

 

Check out this sizing guide and pay attention to the maximum VPN throughput.

https://meraki.cisco.com/lib/pdf/meraki_whitepaper_mx_sizing_guide.pdf

 

 

Their are two approprisate guides here.  The first is where you run AutoVPN over both MPLS and the Internet.  This is the most complex but offers the most options.  It lets you route the traffic over either circuit however you want.

https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Site-to-site_VPN_over_MPLS

 

The second is where you use the Internet for backup of the MPLS circuit only.  For your case, you would need to deliberately fail the MPLS to make it use the Internet, and then manually plug it back in of the Internet happened to fail.

https://documentation.meraki.com/MX/Deployment_Guides/MPLS_Failover_to_Meraki_Auto_VPN

View solution in original post

2 Replies 2
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Apr 1 2019 12:27 PM
‎Apr 1 2019 12:27 PM

The MX60 (compared to modern appliances) has quite low VPN throughput.  I don't know the exact number, but I could see it only being in the 10's of Mb/s.

 

Check out this sizing guide and pay attention to the maximum VPN throughput.

https://meraki.cisco.com/lib/pdf/meraki_whitepaper_mx_sizing_guide.pdf

 

 

Their are two approprisate guides here.  The first is where you run AutoVPN over both MPLS and the Internet.  This is the most complex but offers the most options.  It lets you route the traffic over either circuit however you want.

https://documentation.meraki.com/MX/Site-to-site_VPN/Configuring_Site-to-site_VPN_over_MPLS

 

The second is where you use the Internet for backup of the MPLS circuit only.  For your case, you would need to deliberately fail the MPLS to make it use the Internet, and then manually plug it back in of the Internet happened to fail.

https://documentation.meraki.com/MX/Deployment_Guides/MPLS_Failover_to_Meraki_Auto_VPN

In response to PhilipDAth
Hatamoto
Conversationalist
‎Apr 2 2019 4:52 AM
‎Apr 2 2019 4:52 AM

Thank you very much!

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.