Meraki

Community

Warm Failover

Gordon
Getting noticed
‎Jun 3 2020 12:31 PM
‎Jun 3 2020 12:31 PM

Warm Failover

We currently have two MX84 firewalls setup with a 1GB connection (I know with the mx84 we only get 500MB but we get a real good price on the 1GB - $0)

We are in the process of adding a backup ISP but it is going to be limited. and we only want it to be used as a last resort.   From reading the order of failover is 

Primary - WAN 1

Primary - WAN 2

Secondary - WAN 1

Secondary - WAN 2

 

So if we only plug the device in to the Secondary would this achieve what we want or are there any issues to be considered.

0 Kudos
7 Replies 7
ww
Kind of a big deal
Kind of a big deal
‎Jun 3 2020 1:28 PM
‎Jun 3 2020 1:28 PM

Yes.

But how many times the secondary mx  wan1 would still  work if the primary  wan1  is down. I guess  only when there is a bad cable.

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jun 3 2020 2:01 PM
‎Jun 3 2020 2:01 PM

That ordering is correct.

0 Kudos
In response to PhilipDAth
CptnCrnch
Kind of a big deal
Kind of a big deal
‎Jun 3 2020 11:19 PM
‎Jun 3 2020 11:19 PM

It's explained here (including Cellular backup): 

 

https://documentation.meraki.com/MX/Deployment_Guides/MX_Warm_Spare_-_High_Availability_Pair#Cellula...

0 Kudos
In response to PhilipDAth
Gordon
Getting noticed
‎Jun 5 2020 6:04 AM
‎Jun 5 2020 6:04 AM

I have been putting some thought in to this and was wondering if either of these would work.  I only want to use ISP 2 as a last resort since it is a cellular device connected to the WAN port.

I don't have test environment to try this.

 

Primary WAN 1 - ISP 1

Primary WAN 2 - ISP 1

Secondary WAN 1 - ISP 1

Secondary WAN 2 - ISP 2

or 

Primary WAN 1 - ISP 1

Primary WAN 2 - no used

Secondary WAN 1 - ISP 1

Secondary WAN 2 - ISP 2

0 Kudos
In response to Gordon
CptnCrnch
Kind of a big deal
Kind of a big deal
‎Jun 5 2020 7:47 AM
‎Jun 5 2020 7:47 AM

Haven't tested it but from a logical perspective it shoud work. At least if MX1 does'nt have WAN2 to fail over, there's no other chance than to fail over to MX2.

0 Kudos
In response to CptnCrnch
Nick
Head in the Cloud
‎Jun 5 2020 11:24 AM
‎Jun 5 2020 11:24 AM

I would go with the secondary setup there

 

Primary WAN 1 - ISP 1
Primary WAN 2 - no used
Secondary WAN 1 - ISP 1
Secondary WAN 2 - ISP 2

0 Kudos
In response to Nick
Gordon
Getting noticed
‎Jul 28 2020 5:50 AM
‎Jul 28 2020 5:50 AM

So I ran a test on the weekend using the following

 

Primary WAN1 - ISP1

Primary WAN2 - ISP2

Secondary WAN1 - ISP1

Secondary WAN2 - not used.

 

This did work.  There is an issue though.  When I tried to force a failover from the Secondary to the Primary using the dashboard I got a message stating that I needed to configure the WAN2 port and it would not let me switch.  I had to go in and unplug the cell device, force the failover and plug it back in.

 

Next I have to try

Primary WAN1 - ISP1

Primary WAN2 - ISP1

Secondary WAN1 - ISP1

Secondary WAN2 - ISP2 - we want this as a last resort

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2025 Cisco Systems, Inc.