we have a site-to-site VPN but it only utilizes 1 of the WAN circuits.
Is there a way in Meraki to establish a site-to-site VPN on both WANs and load balance between the two for site to site traffic? Trying to get more site-to-site bandwidth without increasing circuit cost.
Hey. All you have to do is enable load balancing globally under Security appliance > Traffic shaping and the MX will use both. You don't have to set up any performance classes or VPN flow preferences unless you want apply rules to specific traffic. The global setting will apply to all traffic.
+1 @jdsilva ; the VPN registry takes care of identifying possible participants in a tunnel and sort out multiple combinations to set them up, so when you enable VPN they are all ready to be used.
- WAN1: 126.96.36.199
- WAN2: 188.8.131.52
- WAN1: 184.108.40.206
- WAN2: 220.127.116.11
VPN registry will store:
a) 18.104.22.168 > 22.214.171.124
b) 126.96.36.199 > 188.8.131.52
c) 184.108.40.206 > 220.127.116.11
d) 18.104.22.168 > 22.214.171.124
When both WANs are active, you will automatically have two active tunnels between the two WAN1 (a) and the two WAN2 (b).
Once you enable load balancing globally, the traffic will be automatically divided between the two tunnels, so no further configuration will be needed; sit back, relax and enjoy your coffee!
Please keep in mind that what I post here is my personal knowledge and opinion. Don't take anything I say for the Holy Grail, but try and see! Appreciate who helps and be respectful of every opinion and every solution offered. Share the love, especially the Meraki one!