Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Azure vMX NAT non-meraki VPN question

jimg3
Conversationalist
2 weeks ago
2 weeks ago

Azure vMX NAT non-meraki VPN question

Hi - have 4 downstream autovpn MX units all spoke with 0.0.0.0 to Azure vMX.  Anyconnect clients at Azure. 

Need to add 3 non meraki VPNs. 2 of them need the same exit for MX connected and anyconnect connected clients. 

Can the non-meraki VPN be tagged "Azure only" so that only the vMX establishes a VPN connection?  

And if so, will the downstream MX clients be able to access that VPN? 

Or - is it better to Azure S2S and then peer with the MX?

For the remaining non-meraki - its only needed on a single MX.  Would the spoke / 0.0.0.0 to azure interfere with this? 

Labels:
0 Kudos
Subscribe
1 Reply 1
AMP
Meraki Employee
Meraki Employee
a week ago
a week ago

Hello,

 

You can tag Non Meraki VPN configurations so only certain MX's or vMX's get the tunnel configuration: https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-Site_VPN_Settings#Peer_Availability

In terms of the other questions I'm not really following the design, it might be beneficial to get a network diagram drawn up and make a support case and share the diagram with them and what your hoping to accomplish.

Knowledge is power
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.