We have deployed a Meraki SD-WAN solution to around 100 sites for our customer. We now need to extend VPN connectivity to their Azure environment. We are looking to deploy a vMX100, but am wondering if this can be deployed as a Active/ Warm Standby for resilience?
Because Azure does not use ARP to do IP discovery it is unfortunately not.
Deploying anything in Azure/AWS for Active/Standby has been very clunky in my experience. For the most part it involves API calls to remap the active IP address or routing to the unit that is taking over.
I did get a response back from Cisco TAC over the weekend, where it looks like there is an more expense way of providing some HA capability.
"In regards to the vMX100 specifically, there is no formal HA support within the product itself. There are a few different ways that you can accomplish a HA-type deployment using routing and other capabilities within Azure, but but's not a classic HA deployment like we have with physical MX appliances (or ASAs). The vMX100's are fairly limited in their capabilities and for the most part limited to one-arm VPN Concentrator type deployments. From a licensing perspective, if you were to deploy two vMX100's in Azure, regardless of how you set them up, you would pay for each vMX100 license. We do not offer any HA licensing model for two vMX100's, each vMX100 spun up and deployed is licensed separately"
Active/ Active only not Warm Standby and I would need to licence both MX's.