Behavior during Connection Loss to Cisco Meraki Cloud

Overview

Connectivity loss can occur for several reasons: your WAN connection goes down, a Meraki data center experiences an outage, or there is an Internet routing issue between your site and Meraki.  This article describes the behavior of your network under this "connectivity loss" state.

The Meraki Cloud is an out-of-band architecture, meaning that no client data flows through the Cloud.  The system is also designed to handle connectivity failures gracefully.

If a Meraki data center experiences an outage, your network will automatically fail over to another Meraki data center. 

Assuming you have setup email alerts, you will receive an email when a Meraki node loses connectivity to the Cloud, allowing you to take corrective action if necessary.

For more information on local device management, see Using the Cisco Meraki Device Local Status Page.

Safe Configuration 

Safe configuration means that “the device has connectivity to cloud and hasn't rebooted for 30 minutes following a configuration change.” That is, the safe configuration is the last configuration the device received from the cloud that was not followed by a reboot within 30 minutes. 

MS switch

• If the configuration is safe
  • MS switch will never reboot
• If the configuration is not safe
  • MS switch will try to obtain an IP address on an alternate VLAN and then connect to the cloud through that alternate connection
  • MS switch will revert to previous safe configuration 2 hours after lost connectivity
  • After reverting to a safe configuration, the former configuration will be marked bad

MX security appliance

• If the configuration is safe
  • On firmware versions prior to MX 14.53 and MX 15.11 the MX would reboot after 4 hours
  • On firmware versions MX 14.53+ and MX 15.11+ but lower than MX 17 the MX will not reboot
  • On firmware versions MX 17+ the MX will reboot after 8 hours without dashboard connectivity to support self-healing
• If the configuration is not safe
  • MX security appliance will revert to a previously safe configuration

MG cellular gateway

• If the configuration is safe

  • MG21 (1.11+ firmware) - Whenever the connectivity to dashboard is lost, the MG21 will attempt to regain the connectivity back. If the connection attempts are unsuccessful, then the unit will perform a combination of modem and platform reset in intervals of 1 hour to recover from the loss of connectivity to the dashboard.

  • MG41/51/52 (2.0+ firmware) - Whenever the connectivity to dashboard is lost, the MG will attempt to regain the connectivity back. If the connection attempts are unsuccessful, then the unit will perform a platform reset in intervals of 30 minutes to recover from the loss of connectivity to the dashboard.

  • If the MG41/51/52 has an active Standby SIM card, then the SIM failover will kick in post 5 minutes of no connectivity to the dashboard.

• If the configuration is not safe
  • MG cellular gateway will revert to a previously safe configuration

MV camera

• MV will continue to record/store the video on the local disk. The live stream will not be available on the Dashboard

MR access point 

When a Meraki AP loses connectivity to the Cloud, the exhibited behavior is based on the SSID configuration for the AP.

If the configuration is safe, all SSIDs are configured in NAT mode and the AP is unable to successfully complete an ARP reachability test for its gateway

• MR will reboot every 4 hours

If the configuration is safe and at least one SSID is not configured in NAT mode:

• MR will not reboot after 4 hours even if the gateway ARP reachability test is unsuccessful

If the configuration is not safe

• MR will revert to the previous safe configuration (stored locally)

In general, wireless clients will continue to be able to use the WLAN during a connectivity loss.  Clients will continue to be able to access local LAN resources (e.g., printers and file shares) and, if an internet connection is available, the Internet as well.

When your network is in the "connectivity loss" state, you  will notice the following changes:

• Network configuration changes will not take effect
• Usage statistics will become out of date
• Channel spreading and other optimizations will not run
• The Rogue AP list will not update
• If you are using Meraki-hosted authentication (Sign-on with Meraki Cloud Authentication splash page) and Controller Disconnection Behavior is set to "Restricted", new clients will not be able to authenticate. By default, all new clients are denied.  You can also select for all new clients to be allowed (Open).  Clients who have already authenticated continue to function normally. The same applies to networks using WPA-2 Enterprise Meraki Cloud Authentication.
• Newly associated clients will not see Meraki-hosted splash pages.  Clients will be given access without seeing the splash page (depends on settings on Wireless > Access Control > Controller Disconnection Behavior).
• SSIDs configured in NAT mode and denying Local LAN connectivity will not broadcast.
• If you have Meraki Billing enabled, new clients will not be able to purchase network access.
• MRs with static IP addresses that are broadcasting a bridged mode SSID will continue to do so if they boot up without connectivity to their IP gateway, as long as they are running a safe configuration. However, in this scenario, the APs will not be able to connect to the Cisco Meraki Cloud or communicate with services outside their subnet.

These services will automatically resume functioning once connectivity between the wireless network and the Meraki network is restored.