We have 2 sites.
Site 1 has 2 WAN circuits, MX80
Site 2 has 2 WAN circuits, MX64
we have a site-to-site VPN but it only utilizes 1 of the WAN circuits.
Is there a way in Meraki to establish a site-to-site VPN on both WANs and load balance between the two for site to site traffic? Trying to get more site-to-site bandwidth without increasing circuit cost.
I may have figured it out.
The answer seems to be yes!!
And set up a performance class of 100ms max latency, 100ms max jitter, 10% max loss.
After setting up the AutoVPN, I went to Traffic Shaping and set up a VPN preference of load balance referencing the above performance class.
Traffic is now going site-to-site over both WAN1 and WAN2 per packet sniffing.
This is great!!
Hey. All you have to do is enable load balancing globally under Security appliance > Traffic shaping and the MX will use both. You don't have to set up any performance classes or VPN flow preferences unless you want apply rules to specific traffic. The global setting will apply to all traffic.
+1 @jdsilva ; the VPN registry takes care of identifying possible participants in a tunnel and sort out multiple combinations to set them up, so when you enable VPN they are all ready to be used.
- WAN1: 22.214.171.124
- WAN2: 126.96.36.199
- WAN1: 188.8.131.52
- WAN2: 184.108.40.206
VPN registry will store:
a) 220.127.116.11 > 18.104.22.168
b) 22.214.171.124 > 126.96.36.199
c) 188.8.131.52 > 184.108.40.206
d) 220.127.116.11 > 18.104.22.168
When both WANs are active, you will automatically have two active tunnels between the two WAN1 (a) and the two WAN2 (b).
Once you enable load balancing globally, the traffic will be automatically divided between the two tunnels, so no further configuration will be needed; sit back, relax and enjoy your coffee! 🙂