Many deployments rely on VPN connectivity to remote resources to ensure secure communication between sites. This is one reason why Meraki has placed so much effort into designing the Auto VPN solution to help ensure maximum uptime with minimal configuration.
In addition to easy configuration, Meraki has made it a goal to provide simple and easy to understand monitoring for VPN connectivity across your organization. The VPN Status page is designed to provide detailed information about all VPN tunnels within your Meraki organization. This page provides real-time status updates between your Meraki Auto VPN peers as well as non-Meraki VPN peers. You can access the VPN Status page in either of two ways: by navigating to the Organization > VPN Status page, to view the status of all MX security appliances within your organization, or by navigating to the Network-wide > VPN Status page, to view monitoring data specifically for connectivity related to the chosen network.
These pages each display detailed information relating to the current tunnel status for each device and peer, as well as information about the per-device/peer usage, and latency. Figure 5-22 shows the organization-wide VPN Status page, while Figure 5-23 shows the VPN Status page for one specific network within that organization.
Figure 5-22 Organization-wide VPN Status Page Showing the VPN Status Summary for Several Networks
Figure 5-23 Network-level VPN Status Showing the Per-Peer Tunnel Data and Connection Details for the Device in This Network
On the organization-level VPN Status page, you can hover over a specific network to highlight that network’s data usage within the previous summary graphs, and you can select that network to open the network-wide VPN Status page for that network.
The network-wide VPN Status page includes both a peers table and an Uplink Decisions table. The Uplink Decisions table at the bottom of the page can be useful for monitoring active flows across the VPN tunnel and ensuring expected traffic is flowing between peers over the VPN as intended. Figure 5-24 shows an example of the Uplink Decisions table.
Figure 5-24 Uplink Decisions Table for a Network in the Network-level VPN Status Page
From within the Peers table, you can hover over a specific peer to highlight that peer’s data usage within the previous summary graphs, and you can select that peer to open the detailed VPN Uplink Monitoring page. This page shows historical monitoring results for encapsulated data within the tunnels across each uplink from the selected site to the selected peer, as well as any custom performance classes or VPN flow preferences that may be configured. This type of per-uplink tunnel monitoring data becomes particularly useful when employing any of Meraki’s SD-WAN solutions, which are discussed in Chapter 6. Figure 5-25 shows an example of this uplink monitoring data for two Meraki HQ sites, each with dual uplinks.
Figure 5-25 Per-Uplink VPN Monitoring Data Showing Historical Results for the Tunnels Between Each Uplink of Two Peers