Working with a client and trying to come up with an automated failover mechanism for them. Here's the scenario:

They have 3 local locations that are all interconnected over an MPLS through switches. The MPLS network is 192.168.8.0/22. One of their locations is a datacenter, and all of their server infrastructure is in the same 192.168.8.0/22 network. The datacenter has a non-Meraki cluster protecting it. They have a number of remote locations that have VPN connectivity to the datacenter over this network. One of their 3 locations is new and has a Meraki MX-100 cluster on it, and the MPLS is connected through port 8 on the cluster.

In the event of a Port8/MPLS failure (unlikely as it may be), they are looking for a possible Automated-Failover. From what I've seen/tried, this doesn't appear to be possible, as the Meraki seems to choke on the fact that the 192.168.8.0/22 network exists on a wired link. If I try and add a VPN to the existing VPN route to 192.168.8.0/22, it complains because the network is already defined on a port. On other devices that I've had similar scenarios on, I can manage this by controlling route metrics/distance, and they don't care if the route exists with multiple configurations.

Is there a way to do this with the setup as it is today? I had thought about possibly using NAT for the VPN route, but that would require some level of redo on all of the existing VPN connectivity today. Any other thoughts? Anything I haven't considered?

As it stands today, I can only see this being a manual process:

1) Delete route/disconnect cable.
2) Enable VPN.
3) Reverse when MPLS available again.

Thanks!