Table of Contents
SD-WAN or software defined networking has changed the way traditional networking worked in a sudden manner. It has diminished the physical boundaries of networks, revolutionized cloud computing, brought network resiliency, bandwidth optimization and other humongous benefits in the way organizations networks are operated. It allows networks to dynamically adjust to changing network conditions without the need for manual intervention by network administrators.
In today’s topic we will learn about how we can set up Meraki WAN applications which are equipped with SD-WAN capabilities.
About Cisco Meraki
Cisco Meraki appliances can dynamically optimize your WAN without any manual adjustments with changes in network conditions. If one of the uplinks degrades in a network having multiple uplinks SD-WAN allows the network to dynamically select the best path to the final destination. This is important for latency sensitive applications or services such as videos and VoIP.
Meraki WAN appliance provides enhanced security functionality as under:
- Stateful Firewall at layer 3
- Firewall functionality at layer 7
- NAT and port forwarding feature
- Advanced Malware Protection
- Intrusion Detection and Prevention Services
- Spoofing Protection for IP Source Address
Related: Cisco Meraki Interview Questions & Answers
Set up Cisco Meraki SD WAN
Let’s look at prerequisites to enable Cisco Meraki
- Meraki SD-WAN is not compatible with other SD-WAN solutions from other vendors hence only MX appliances to be used across all sites
- Each location must have multiple uplinks for SD-WAN to function. All MX appliances which are part of SD-WAN must be registered with the same organization.
- AutoVPN and the internet circuit form of WAN is used by Meraki SD-WAN. To use AutoVPN over dedicated private WAN circuit for failover a workaround needs to be applied else it would function as SD-WAN
1. To enable Meraki SD WAN
Go to security & SD-WAN 🡪 Monitor 🡪 Appliance status
Adjust actual speed of circuits in security & SD-WAN🡪 configure🡪 SD-WAN & traffic shaping box
Next step is to enable active-active AutoVPN
In Security & SD-WAN 🡪SD-WAN & traffic shaping under uplink 🡪 global preferences enabled this option
2. Enable AutoVPN
In Security & SD-WAN 🡪 Site-to-Site VPN 🡪 choose hub for the hub site. For full mesh all remote sites will be hubs as well.
For hub and spoke topology, choose spoke for the remote site and then select dedicated hub
3. Advertisement of Network in VPN
Choose whether you want to advertise local networks by turn off or On VPN participation
4. Check VPN Status
In Security & SD-WAN🡪 Monitor 🡪 VPN status
This tab shows all VPNs connected to the site. Average latency and usage can be checked here and uplink decision for each remote site and SD-WAN policy used for uplink decision.
5. Configuring SD-WAN Policies
Select Add a preference under SD-WAN policies and VPN traffic to create SD-WAN uplink policy
Policy can be created for VOIP traffic and preferred link is best for VoIP. MOS score is used to determine the best path for voice traffic.
Related FAQs
1. What is Meraki SD-WAN?
- Meraki SD-WAN (Software-Defined Wide Area Network) is a solution that simplifies the management and optimization of WAN connections. It intelligently routes traffic over multiple WAN links (such as MPLS, broadband, LTE) to improve performance, security, and cost-efficiency.
2. How does Meraki SD-WAN improve network performance?
- Meraki SD-WAN uses real-time monitoring and dynamic path selection. It can route traffic over the most optimal path based on performance metrics such as latency, jitter, and packet loss. It ensures applications receive the necessary bandwidth and quality of service (QoS).
3. Can Meraki SD-WAN work with multiple ISP links?
- Yes, Meraki SD-WAN can manage multiple WAN connections, whether from different ISPs or different connection types (e.g., MPLS, DSL, fiber). It allows for load balancing and automatic failover between the links to maintain connectivity.
4. What is Auto VPN in Meraki SD-WAN?
- Auto VPN is a key feature of Meraki SD-WAN that enables automatic, secure site-to-site VPN connectivity between different locations. It simplifies VPN configuration and management with a few clicks in the Meraki dashboard.
5. What types of traffic can be optimized with Meraki SD-WAN?
- Meraki SD-WAN can optimize traffic for critical applications such as VoIP, video conferencing, SaaS applications, and cloud services. It ensures these applications get priority and better performance through intelligent traffic steering.
6. How does Meraki SD-WAN enhance security?
- Security features include built-in firewall, IPS/IDS, and secure VPN tunnels for data protection. Additionally, Meraki offers threat prevention, content filtering, and malware detection to enhance the security of your SD-WAN setup.
7. Can I manage Meraki SD-WAN remotely?
- Yes, all configuration, monitoring, and troubleshooting for Meraki SD-WAN can be done through the cloud-based Meraki dashboard. This allows for centralized, remote management of all WAN links and sites from anywhere with an internet connection.
8. What is Application-Aware Routing in Meraki SD-WAN?
- Application-Aware Routing lets Meraki SD-WAN identify and prioritize application traffic. It dynamically selects the best path for each application based on real-time network conditions, ensuring critical applications perform optimally.
9. How does Meraki SD-WAN handle network redundancy?
- Meraki SD-WAN provides network redundancy with automatic failover between WAN links. In the event of a primary connection failure, traffic is automatically redirected to a secondary link without disrupting services.
10. What kind of analytics and reporting does Meraki SD-WAN provide?
- The Meraki dashboard offers detailed analytics, such as traffic patterns, application usage, WAN health, and link performance. Administrators can generate reports to monitor network performance and identify areas for improvement.
11. Can I integrate Meraki SD-WAN with other security platforms?
- Yes, Meraki SD-WAN integrates with various security platforms, including Cisco Umbrella, to provide additional layers of protection like DNS security, malware protection, and content filtering at the DNS level.
12. Does Meraki SD-WAN support hybrid cloud environments?
- Yes, Meraki SD-WAN is designed to support hybrid cloud environments by providing optimized connectivity to both on-premise and cloud-based applications, with seamless integration with public cloud providers such as AWS and Azure.
13. What are the licensing requirements for Meraki SD-WAN?
- Meraki SD-WAN operates on a subscription-based licensing model. There are different license tiers that provide varying levels of features, such as advanced security and SD-WAN capabilities. Each device in the network must have a valid license for operation.
14. How scalable is Meraki SD-WAN?
- Meraki SD-WAN is highly scalable. It supports everything from small branch offices to large, multi-site enterprise deployments. The centralized cloud dashboard makes it easy to scale by adding new sites and devices with minimal configuration.
15. What hardware is required for Meraki SD-WAN?
- Meraki SD-WAN requires Meraki MX security appliances. These appliances come in various models, designed for small, medium, and large enterprise deployments. They serve as the central hub for SD-WAN capabilities, including VPN, security, and traffic routing.
ABOUT THE AUTHOR
I am here to share my knowledge and experience in the field of networking with the goal being – “The more you share, the more you learn.”
I am a biotechnologist by qualification and a Network Enthusiast by interest. I developed interest in networking being in the company of a passionate Network Professional, my husband.
I am a strong believer of the fact that “learning is a constant process of discovering yourself.”
– Rashmi Bhardwaj (Author/Editor)