Meraki

Community

VPN tunnel routing from multiple MX through vMX

afcon
Conversationalist
‎May 31 2019 2:45 AM
‎May 31 2019 2:45 AM

VPN tunnel routing from multiple MX through vMX

We have Meraki MX devices in multiple countries and server farms in AWS and Azure. We also have a vMX in Azure.

We've created a tunnel between the vMX and AWS, which is working fine. We need to get the MX devices to route any requests for AWS through the vMX in Azure (over the existing tunnel) rather than having to create individual tunnels in AWS for each MX device.

Can the vMX route all traffic from the remote MX devices to AWS?

If so, how would we configure this?

0 Kudos
1 Reply 1
PhilipDAth
Kind of a big deal
Kind of a big deal
‎May 31 2019 7:32 PM
‎May 31 2019 7:32 PM

Yes.  In the Azure vMX you just define the AWS subnets in the "Local Networks" section (under Site to Site VPN) so they get advertised into AutoVPN.

https://documentation.meraki.com/MX/Site-to-site_VPN/Site-to-site_VPN_Settings#Local_networks

 

Azure will have to allow the routes, and whatever is providing the link between Azure and AWS will also have to support it.  AWS will also need return routes.

The millions of firewall rules involved will also have to allow it.

 

If it was me, I would just buy a vMX for AWS.  Otherwise it is way too much work and way too many things to look at when something breaks.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
© 2024 Cisco Systems, Inc.