Hi All
I have read the https://documentation.meraki.com/MX/Other_Topics/vMX_NAT_Mode_Use_Cases_and_FAQ in the F.A.Q is say
How to configure spokes for NAT mode vMX?
Enable site-to-site VPN for the spokes and set the NAT mode vMX as the Hub. Next, make sure to select enable full-tunnel to the vMX by selecting IPv4 default route to true under the hub settings.
However if I'm not using the vMX as the default gateway for my remote sites, can I not select IPv4 default route to true under the hub settings?
I understand that in vMX NAT mode, it will only have one LAN subnet. Therefore it would not have any Azure subnet, and I should not change that setting.
For my case, I only want anyconnect client to use vMX as the default gateway to the internet, and for the remote sites just need to access Azure resources. all traffic is from remote sites/VPN clients to Azure. I have tried to add a static route on vMX for Azure subnets, and it seems able to advertise to remote sites. My question is, what other limitation I may have?