Dear Community,
I have question to clarify with you regarding to VPN Concentrator Behavior During Connection Loss to Cisco Meraki Cloud. I am not sure about process and time if MX Meraki Cloud down (internet down) but DPLC from MX spoke(branch) to MX hub(HQ) is working fine. I found this document but not fully information to understand, I heard that if loss connection to Meraki Cloud it will take up to 15 minutes, if it trigger still it will terminate the VPN. Kindly share me the link or reference as well if you have nah.
https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Behavior_during_Conne...
https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-Site_VPN_Failover_Behavior
Thanks,
Makara
Solved! Go to solution.
If the Meraki cloud, or more importantly access to the VPN registry part of it, is lost then the following should happen:
There isn't a timeout on this as far as I am aware.
for example:
If the Meraki cloud, or more importantly access to the VPN registry part of it, is lost then the following should happen:
There isn't a timeout on this as far as I am aware.
for example:
Thank you, when MX cannot reach to VPN registry or Meraki Cloud the existing VPN peer over DPLC/MPLS still up normal? It is still up or it had period time-out when MX detect no connection to VPN registry?
You can check my diagram for detail, MX spoke VPN to HUB1 and HUB2. So when spoke no connection VPN Registry or Internet? VPN via MPLS/DPLC still working fine?
The existing connections should stay up, but if they do go down, then they will not re-establish until the access to the Meraki cloud VPN registry has been restored. In our case we can take down our internet access at the main DC and we don't see any interruption to the site-to-site connections over the MPLS.
Okay thank you, let me test it soon. If this is okay as discuss will accept this as the solution.
You mentioned correctly.
1. If we disconnect internet for DC HUB, VPN still up and user traffic still can forward normal.
2. If MX DC HUB and SPOKE use internet the same connection (DPLC or MPLS NAT to Internet the same ISP), it will be retries to Cloud same time. As I notice VPN will be down after 5 minutes after internet connection down.
Please correct me if I am wrong.
Could you advise and confirm ? is the VPN over MPLS/DPLC still working normal if MX hasn't connection to VPN registry or hasn't internet (Cloud Manage)?