Meraki

Community

Why Are Spokes Still Showing Both Hubs After Removing a Hub from the Template?

Solved
MerakiMaverick
Here to help
2 weeks ago
2 weeks ago

Why Are Spokes Still Showing Both Hubs After Removing a Hub from the Template?

Hello Meraki Community,

 

I have a quick question regarding AutoVPN in a hub‑and‑spoke design. I have about 200 spoke MX networks and two datacenter MX networks configured as hubs.

 

All spokes use a configuration template, where both hubs are assigned.

 

If I remove one of the hubs from the configuration template that all spokes are bound to, why do I still see both hubs listed as VPN peers on the spokes?

 

Is this the Meraki AutoVPN introducing all Hubs into the Hub and Spoke topology regardless of template configuration?

 

Thank you!

Labels:
0 Kudos
1 Accepted Solution
rhbirkelund
Kind of a big deal
Kind of a big deal
2 weeks ago
2 weeks ago

You can not have multiple AutoVPN fabrics in a single Organization. There can be only one (pun intended).

 

You’ll need to move the Test hub to a separate organization, if you do not want it included in your production fabric.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.

View solution in original post

4 Replies 4
alemabrahao
Kind of a big deal
Kind of a big deal
2 weeks ago
2 weeks ago

The fact that it's listed doesn't mean it's in use, but in short, simply because they belong to the same organization.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
MerakiMaverick
Here to help
2 weeks ago
2 weeks ago

Thank you, @alemabrahao. I removed the hub from the Security & SD‑WAN → Site‑to‑site VPN section in my configuration template. However, the MX network that previously acted as a hub is still showing as a “Hub.” in the spoke networks.

If I want to use this MX as a test hub, how would I go about doing that? For example, can I have a production hub‑and‑spoke topology and a completely separate test hub‑and‑spoke topology? It seems that as soon as an MX is configured as a hub, it automatically gets included in the AutoVPN topology.

 

How can I separate or isolate a hub so it can be used only for testing? different organization for testing?

 

Thank you!

0 Kudos
rhbirkelund
Kind of a big deal
Kind of a big deal
2 weeks ago
2 weeks ago

You can not have multiple AutoVPN fabrics in a single Organization. There can be only one (pun intended).

 

You’ll need to move the Test hub to a separate organization, if you do not want it included in your production fabric.

LinkedIn ::: https://blog.rhbirkelund.dk/

Like what you see? - Give a Kudo ## Did it answer your question? - Mark it as a Solution 🙂

All code examples are provided as is. Responsibility for Code execution lies solely your own.
In response to rhbirkelund
alemabrahao
Kind of a big deal
Kind of a big deal
2 weeks ago
2 weeks ago

This is your answer.

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco ID. If you don't yet have a Cisco ID, you can sign up.
Labels
© 2026 Cisco Systems, Inc.