Hi all,
We're almost at the end of our EU wide SD-WAN rollout (only around 30 sites but still...) and as I'm sure anyone who's ever done this will know, with Meraki "it just works" 🙂
We have a remaining office site that for current political reasons we can't deploy any Meraki hardware to site. We are looking at a simple third party VPN link (Probably using a locally sourced ASA) into a spare MX using the excellent reference article from Aaron Willette (https://www.willette.works/merging-meraki-vpns/) which we've already used to great success for an actual third party that needs access to an internal resource.
I'm hoping to build a pair of 3rd party VPN links so we don't have a single point of failure but getting traffic flowing over the right VPN link seems like a challenge as each of the corporate LAN MX's would publish the same static route into the SD-WAN pointing to their local 3rd party MX. I have a vague recollection that it's possible to do some element of traffic steering using over the SD-WAN using the priority of the hub's that a spoke connects to but I don't think that's possible between hubs.
Am I just overthinking the whole situation?