Hi,
I have a hub and spoke network. I have set up VPN Exclusion via the API however the traffic still uses the VPN unless I put a static route in place to point the destination IP to one of the WAN interfaces. The documentation doesn't mention that static routes are needed. Also if the WAN interface fails, the destination IP becomes unavailable until the WAN interface comes back up. There is no way to set a secondary static route to use the secondary WAN interface.
This is what I have for the VPN Exclusion code.
If you try to configure via the dashboard and not via the API, is the result the same?
Yes, same result if configured using the GUI.
Just to confirm, your license is Secure SD-WAN Plus correct?
Yes, we have the SD-WAN+ license. The situation is the same even if the MajorApplications is configured with an empty list.
I suggest you open a support case.
What is a external hub?
Is it a default route to a non meraki vpn?
There is an Internal Hub that directs traffic to the data center and an External hub that directs traffic to everything else.
So its a meraki mx hub with the [ x ] set with default route at the spoke.
What firmware is your spoke running?