Spoke to failover to own WAN

NickSpeechley
Here to help


Hey all,

 

On my test bench I have two MXs, one with Fibre WAN (Hub) and the other using 4G (Spoke). I have configured the Spoke with the Default Route tick box ticked to the Hub, which all works fine, and to reach the internet it goes via the Hub. When I disconnect the WAN cable to the Hub, the Spoke goes down despite in the routing table it has two default gateways, with the higher being the Hub and the second to its own WAN. The Spoke still works to the Meraki cloud but the local subnet can't reach the internet. If I untick the 'Default Route' tickbox it can then reach the internet.

 

How can I get my Spoke to fail over to its own WAN when the Default Route to the Hub is down? I would have thought via the Routing Table that if the link is down (Red) then it should fail to the next item, which is the default route to its own WAN.

 

 

Meraki Spoke.PNG

PhilipDAth
Kind of a big deal

When you have ticked the "default route" option what you are saying is it must go via AutoVPN. You won't be able to achieve failover doing it that way.

 

Perhaps you need to consider making the hub more redundant.

The confusing part is the routing table still displays the Default-Route for its direct WAN uplink (under the VPN Default-Route). Are you saying this is just for the purpose of Meraki Cloud management?

>is just for the purpose of Meraki Cloud management?

 

Yes, kind of.

DanielWeedon23
Conversationalist

Hi Nick,

 

From my understanding, and fellow Meraki Nerds please correct me if I am wrong, when you select "Default Route" all traffic will go through that route. If that route is down, it is unable to connect to the hub to send through the traffic.

 

If you untick the "Default Route" it sends traffic via a "Split Tunnel" (selected network subnets connect via the selected VPN). This allows internet traffic to go through the Meraki device's 4G connection.

 

Because you have the "Default Route" selected, all traffic is trying to go via the VPN link. Hope this makes sense...

 

In our environment, we have to select "Default Route" due to a proxy client. But if we do not have the proxy installed for a particular site, we are able to have the MX device in Split Tunnel mode. This way, if the site loses connectivity to the hub, they are still able to have internet access. They will reconnect to network services once the VPN connection re-establishes.

Thanks DanielWeedon23, it 100% makes sense for the use of the Default-Route tickbox, it's just that the Route-Table still specifies a 2nd Default-Route being its own WAN, so I would see that as 'If the first Default-Route is down, move to the next line which is the 2nd Default-Route'. I would think for this scenario when the tickbox is ticked then the Route-Table shouldn't display its WAN Default-Route, if that makes sense?

 
