Skip to main content
Cisco Meraki

MI WAN Health

WAN Health Overview

The WAN Health feature is designed to monitor ISP uplinks across organization networks. In addition to monitoring, WAN Health helps proactively troubleshoot ISP uplink issues such as "Poor Performance" ISP or "High Usage." It also helps to keep track of primary, secondary, and LTE uplinks all together in one place. WAN Health gives more granularity in terms of uplink data compared to only knowing the status of the connection (up/down). The WAN connection information is presented in a simple, easy-to-read table format.

WAN Health Use Case

The WAN Health feature is useful when...

  • Multiple MX devices have been deployed in the organization

  • An SD-WAN deployment is being used, requiring monitoring of several networks

  • A network is using LTE as an uplink failover option

  • Network administrators prefer to do more proactive monitoring and troubleshooting


WAN Health will not only help with keeping the track of how ISP uplinks are performing across the organization, it will also help determine connection patterns with historical uplink records. By keeping track of this information, WAN Health can help administrators hold ISPs accountable for network uptime SLAs, and keep data on-hand that proves the cause of any uplink issues.

Activating WAN Health

WAN Health is a part of Meraki Insight, and any Insight deployment will have access to WAN Health without additional configuration/licensing. The WAN Health feature requires a Meraki Insight license enabled in the organization and activated for the network’s MX. The MX must be running on firmware version MX 14.20 or higher. For more information on Meraki Insight licenses, please refer to this Meraki Insight article.

WAN Health Dashboard

Screen Shot 2021-01-22 at 10.42.46 AM.png

WAN Health Page (1).png


Screen Shot 2021-01-22 at 10.41.35 AM.png

  • When the last 2 hours is selected, the WAN Health dashboard will present the previous 2 hours' worth of data.
  • When the last day is selected, the WAN Health dashboard will present the previous 24 hours' worth of data.
  • When the last week is selected, the WAN Health dashboard will present the previous seven days' worth of data.
  • When Custom Range is selected, the WAN Health dashboard will present a series of dates and times, going back to 30 days that you can select in the intervals of 15 minutes. 

Explanation of Terms

WAN Health Page (2).png


  • The Down number defines the number of uplinks that are down in the dashboard organization. This could be either multiple links in one network, or links across several networks, showing a “down” status for Primary WAN, Secondary WAN, or LTE. A down status could mean (but may not be limited to) cable issues, ISP modem issues, LTE modem issues, LTE provider issues, MX issues or L2 issues between the MX and ISP modem.
    • Example: If the network is configured to send pings to, and see's 100% packet loss then it indicated that it is down. Now if the same network is configured to send pings to another destination besides and see's loss but pings to have no loss, we do indicate it as 'red' in the availability graph but do not show that under 'Down' on the banner. It will appear on the banner ONLY as a result of 100% ping loss to

Poor Performance

  • The Poor Performance number defines the number of uplinks that are having issues on the ISP side due to loss or latency. The measurement of this is based on the availability of bandwidth due to a loss or latency seen as a result of the pings sent to every second to the default destination. 
    • Example: If there is a network having no performance issue, then the link has 0% loss and 0 ms latency. If this value increases significantly, the network will be seen to have poor performance.
  • Loss and latency will be determined over the configured IP address under Security and SD-WAN > SD-WAN and Traffic Shaping > Uplink Statistics. If no IP is configured, these values will be measured against by default. On the WAN Health page, all the configured IP address statistics can be reviewed by changing the destination under the "Ping Destination" column.

High Usage

  • High Usage defines the number of networks that are saturated due to high usage on the LAN side. If the bandwidth limit is reaching 80% or greater of the set value under Security Appliance > Traffic Shaping > Uplink Configuration for a particular WAN uplink, it will be considered High Usage. For more information on Traffic Shaping, please refer to this article.
    • Example: If you have selected a window of 15 minutes and do see a high usage but expanding the window to 1 hour you notice networks do no show high usage, that indicates the high usage spiked a few times but the average of it was less than 80% over an hour and hence it is not indicated. 
  • The High Usage number indicates the number of uplinks that are saturated due to the high utilization of the available bandwidth. To accurately identify high utilization, users must set the ISP-provided bandwidth limits under Security and SD-WAN > SD-WAN and Traffic Shaping > Uplink Configuration for each uplink. If the bandwidth usage is higher than 80% of the defined limit, it will mark that uplink as High Usage.

Search Option


You can search your organization’s uplinks by four different attributes:

  • Network Name: You can type a network name and any matching networks will appear with all the configured uplinks.

  • Network Tags: This will allow you to filter the uplinks by applied Network Tags.

  • ISP: This filter will allow you to search uplinks by ISP name.

  • Uplink: This will allow you to filter the list by primary, secondary, or LTE uplink types.

Uplink Status Colors

  • Green: Uplink is healthy without any issues.

  • Yellow: Either Poor Performance (WAN issue) or High Usage (LAN issue).

  • Red: Uplink is down; no connectivity or L1 issue.

  • Grey: Uplink is either not configured or has not been connected for a long time.

Uplink Type

WAN Health Page (1) (1).png

  • WAN 1: The physical connection for the WAN 1 uplink on the MX.

  • WAN 2: The physical connection for the WAN 2 uplink on the MX

  • LTE: Either a USB 3G/4G modem or built-in LTE (for MX67C/MX68CW only) will be detected as secondary, cellular.


Note: In the event that Load Balancing is enabled, the selected primary uplink under Traffic Shaping will be labeled as primary and remaining uplinks will show as secondary.



Some MX models (such as the MX67C/MX68CW/Z3C) have integrated LTE. WAN Health will be able to detect the following from those devices:

  • Uplink Status: If the SIM card is inserted and the device is trying to connect to its service provider but is not successful, WAN Health will show the LTE status in the Uplink Status column with a Red status indicator in Connecting mode. Fully connected LTE uplinks will show the Green status indicator.

  • Uplink Type: If the uplink listed is an LTE connection, the uplink will be listed with the tag cellular under the Uplink Type column.

  • ISP: If the WAN connection is a cellular connection, the ISP field will have the LTE provider name.

  • Signal (dBm): WAN Health will report the LTE uplink's signal strength in dBm.



How is the ISP detected?

We do a reverse lookup to the next-hop IP address which will give us which ISP the uplink belongs to. Alternatively, the Security Appliance > Appliance Status > Uplink tab status page would show the ISP. If the lookup is failing, it will show “unknown.”


How is current bandwidth measured?

Current bandwidth is measured from the current uplink traffic displayed on the Security Appliance > Appliance Status > Uplink tab status page.


How are current loss and latency measured?

Current loss and latency statistics are measured based on the responses we receive on the connectivity testing IP address configured on the Security Appliance > Traffic Shaping > Uplink Statistics page. By default, the IP address is set to To change it for a different destination, you can set addresses on the Traffic Shaping page. For more information on configuring uplink statistics, please check our Traffic Shaping Settings document.


How are affected apps detected?

If there are tracked web applications set to be monitored on the Insight > Web Application Performance > Monitor tab, this data will be used to determine if the application is performing poorly on the WAN uplink.


If the performance score is less than 80% of its threshold, Insight will flag the application as “Affected.” From the WAN Health page, it will be easy to determine if the application performance is degraded due to a WAN uplink with Poor Performance or not. A Poor Performance indication could be caused by packet loss or high latency.


If the WAN shows no sign of issues, we can then check on the Web Application Performance page for that particular application. This will give more detail as to whether any issues are reported on the LAN side or the server-side. For more information on web application performance, check our main Meraki Insight document.

  • Was this article helpful?