I have a site with a 10-mb fiber Internet/VPN uplink, and kept the old Uverse uplink for a backup uplink (not using for load-balancing). I would like to allow users at that site to continue streaming music (distant, rural location), but only over the backup Uverse uplink, so as to not bog down the primary uplink. Does anybody know how I can direct all streaming media requests over that uplink? The Flow Preferences option on the Traffic Shaping page of the MX only accepts specific IP's and ports as criteria.
Thanks.
Solved! Go to solution.
I don't think there's any easy way to do this. To control Internet traffic you have to use the Internet Flow Preferences, but those are limited to the old src/dst IP/port fields. You can't use L7 application classification there 😞
It certainly would be nice if Meraki would add L7 classification to this feature...
I don't think there's any easy way to do this. To control Internet traffic you have to use the Internet Flow Preferences, but those are limited to the old src/dst IP/port fields. You can't use L7 application classification there 😞
It certainly would be nice if Meraki would add L7 classification to this feature...
I agree with @jdsilva assessment.
One thing you could do on the Security Appliance>Traffic Shaping page is to set the prefered uplink to the WAN port you want the majority of the internet and streaming stuff to go out of and then you could set some Internet Flow preferences for hopefully the smaller list of specific stuff you want to use the other WAN port.
It's an interesting issue, we've been hoping for something like this for some time but the routing capabilities are not there yet. I wish I had time to dig out my notes and if this isn't answered when I get back to the office I'll look them up, but in the mean time you might be able to use something like a walled garden or separate SSID if you use Meraki Wi-Fi AP. Setting up a separate VLAN, SSID, and assigning it to the 2nd WAN possibly. You might need to use a Static Route to force the traffic over the second WAN though.
Like I said I'll look up my note, I know posting a incomplete post may not be all that helpful, but it might be enough to get you working towards the right way.
I agree with the prior posts.
The closest you could do would be to lookup the ASN used by specific streaming providers (if they have one), get all the IP address blocks allocated to them, and then load them all in.
To look up the ASN you use the "whois" service. There is usually a whois service for each "RIR". So you need to locate the RIR that your streaming provider is in, and then look them up. If they are in multiple regions you might need to use multiple whois services. Painful.
https://en.wikipedia.org/wiki/Regional_Internet_registry
Hi MMos,
Please, how can you use static route to force the traffic over the second WAN? I have exact issue right now and have been trying to figure out how to block access to the guest network on guestwiff SSID when the LTE circuit is active which is WAN1. The primary link is DSL which is WAN2
Hi Spence
Have you solved your issue? You can do this by removing NAT on the interface.