Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
684
Views
0
Helpful
0
Replies

Meraki AnyConnect - Setup OGS

MerakiUser
Level 1
Level 1

‎03-21-2022 09:51 AM - edited ‎03-21-2022 09:54 AM

Hello,

 

We recently tried AnyConnect with our Cisco Meraki appliances.
We successfully got it working with RADIUS (and Cisco Group Policies) and the AzureMFA NPS-addon.

The very last thing we want to solve is OGS - to automatically route to the closest MX-appliance depending on where the user is located.

 

We have 3 MX-appliances with AnyConnect OGS enabled but when asking a user in a country Z which is closest to country B I can still see that it connects to the server specified as the primary server - country A - without querying the other servers.

 

So three servers:
Country A
Country B
Country C

 

We've checked these resources;
AnyConnect Optimal Gateway Selection Operation - Cisco Community

AnyConnect Optimal Gateway Selection Troubleshoot Guide - Cisco

This is how our profile is setup (and possible questions follow under each heading):

 

Preferences (Part 2)

prntscrn_anyconnect-profile-editor-1_210322.PNG

 

Backup Servers

prntscrn_anyconnect-profile-editor-2_210322.PNG

1) Now we have "Backup Servers" both here and under the "Server List"; should all other server addresses except for the primary server be specified here as well?

Ex. if the primary server (see below) is set to "Country A" and I only have one entry in the "Server List" below (ex. w. primary server "Country A") should "Country B" and "Country C" be listed here and not "inside" the server list's backup servers?
Or should they be in both places?


Server List

prntscrn_anyconnect-profile-editor-3_210322.PNG

Here the three servers / countries are listed as separate entries, if we go into each server specified;

1) Entry for Country A
FQDN: Country A's server address
Backup Servers:
Country B
Country C

2) Entry for Country B
FQDN: Country B's server address
Backup Servers:
Country A
Country C
3) Entry for Country C
FQDN: Country C's server address
Backup Servers:
Country A
Country B

 

Earlier when I tried to get OGS to work I only specified one single server - Country A - in the server list above and set the other countries as backup servers "inside" the server list but that didn't work either (it did not measure the latency against the other servers).

 

Optimally the profile should list each country / server separately (as my printscreen shows) so the user can select which server they want to connect to but also a "master" server entry which would route the user to the closest server i.e.;
MyVPN - Optimal
MyVPN - Country A
MyVPN - Country B
MyVPN - Country C

but I understand if that is not possible and for now I would be happy just to get OGS to work.

 

Thank you for your time and replies!

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents